[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Using back-ldap as a dumb proxy
I'm trying to set up a very simply slapd that takes incoming requests
locally, and forwards them on to a remote server using SASL/GSSAPI to get
the information, so that a internal app that doesn't understand SASL/GSSAPI
can get the information it needs.
I'm trying to configure back-ldap thusly:
# /etc/ldap/slapd.conf -- LDAP proxy slapd configuration file.
# $Id$
# Global Options
modulepath /usr/lib/ldap
moduleload back_ldap.la
readonly on
access to *
by * read
# LDAP Proxy Options
database ldap
suffix "dc=stanford,dc=edu"
uri "ldap://ldap-test1.stanford.edu/"
idassert-bind bindmethod=sasl saslmech=GSSAPI
protocol-version 3
but it keeps complaining that the DN for the suffix is invalid. I see
nothing wrong with this suffix.
line 17 (suffix "dc=stanford,dc=edu")
dnPrettyNormal: <dc=stanford,dc=edu>
=> ldap_bv2dn(dc=stanford,dc=edu,0)
<= ldap_bv2dn(dc=stanford,dc=edu)=0
ldap_err2string
/etc/ldap/slapd.conf: line 17: <suffix> invalid DN 21 (Invalid syntax)
slapd destroy: freeing system resources.
slapd stopped.
connections_destroy: nothing to destroy.
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html