Re: OpenLDAP proxy to AD
> Hi all,
>
> I'm setting up OpenLDAP as a proxy to AD so that LDAP queries directed
> to the OpenLDAP proxy then connects to the AD via LDAPS.
>
> OpenLDAP is up and running and the LDAP backend is working fine..
>
> When I submit a query to the proxy server (using ldapsearch) I do not get
> a response (the same query directly to the AD returns what I expect).
>
> e.g. (query modified to protect the innocent :)
>
> ldapsearch -v -h 127.0.0.1 -b "ou=bottom,dc=middle,dc=top"
> "samaccountName=steve"
>
> Running slapd with '-d -1' reveals the following ;
>
> get_ava: unknown attributeType samaccountName
>
>
> I also have an attribute map in place and the debug reveals the following
> during startup ;
>
> /usr/local/etc/openldap/slapd.conf: line 35: warning, destination
> attributeType 'samaccountname' is not defined in schema
>
What's your slapd.conf look like on that map entry?
I was able to map using back-meta with this:

    map attribute mail userPrincipalName

This mapped the AD userPrincipalName to the openldap mail. I didn't need
to define what userPrincipalName was in openldap.
This is using openldap 2.1.30.