On Tue, Jan 22, 2008 at 01:14:47AM -0800, Howard Chu wrote:
> Aiko Barz wrote:
>> Hello,
>>
>> is it possible to create an Active Directory forest with multible
>> subdomains and make those informations available for one Linux
>> machine?
>> Right now, we have one domain and it is possible to do authentication
>> against the Active Directory, while using OpenLDAP, PAM and Kerberos.
>
> There's nothing in OpenLDAP that would prevent this. This is a question
> more suited to either the pam_ldap or nss_ldap mailing lists. The only
> problem is you might have cn=userA representing two different users in
> both domains at once, and you'll have to have some kind of policy for
> dealing with those situations.
Hello,
I was testing a subdomain configuration and I wondered: What happened
to the -C switch? And will there be support for following referrals
with credentials?
Debian/Testing:
> $ ldapsearch -h 2>&1| grep "\-C" | wc -l
> 0
> $ ldapsearch -VV
> ldapsearch: @(#) $OpenLDAP: ldapsearch 2.4.7 (Jan 22 2008 00:11:57) $
> buildd@ninsei:/build/buildd/openldap2.3-2.4.7/debian/build/clients/tools
> (LDAP library: OpenLDAP 20407)
So long,
Aiko
--
:wq â
Attachment:
signature.asc
Description: Digital signature