[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
back-ldap: how to bind to remote server?
- To: openldap-software@openldap.org
- Subject: back-ldap: how to bind to remote server?
- From: Székelyi Szabolcs <cc@mail.3d.hu>
- Date: Mon, 23 Apr 2007 23:06:12 +0200
- Openpgp: url=http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5AB33243
- User-agent: Icedove 1.5.0.10 (X11/20070329)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I'm trying to use OpenLDAP as a proxy. I want it to bind to the remote
LDAP server with a fixed dn, and use that dn for searches. This way,
any dn binding to the proxy (even anonymously) could see objects and
attributes that the dn used to bind to the real LDAP server can see.
My problem is that it seems that the proxy does not bind to the remote
server (in other words, it binds anonymously), just forwards searches,
which fail this way, because the remote server requires authentication.
The binddn and bindpw configuration options are correct, I can use
ldapsearch to retrieve objects directly from the remote server.
Looking at the network traffic, I can't see the proxy attempting to bind
using the dn given in the binddn option.
Here is the relevant part of my slapd.conf:
==
database ldap
suffix dc=company,dc=local
chase-referrals no
lastmod off
uri ldap://remotehost
binddn <binddn>
bindpw <bindpw>
==
Is it possible to configure back-ldap this way?
Thanks,
- --
cc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGLR/EGJRwVVqzMkMRAtG6AJ4kcCsQ3P+AdvwypvSAOx636WrlWgCfaPcO
y05t2kWjfb4CUZh5kpMzVY4=
=Puce
-----END PGP SIGNATURE-----