Markus wrote:
I have found a solution to the problem with the help of the following Blog entry that I found via Googling: http://blog.sejo.be/2010/01/8/openldap-en-3-ad-servers/ This guy is my hero. :-)
That's it. And what I just realized that I'm not using the "subordinate" feature how its supposed to work (according to the Blog entry) cause for me it doesn't work as described. So that means since I'm specifying the _passwd and _group stuff directly in /etc/ldap.conf I could probably also use multiple "database ldap" entries instead of "database meta". But then the question is how can I log in with a single root DN to my local OpenLDAP server, since /etc/ldap.conf allows only to set one, and only one search base (which is so 90s in some way).
Again, you're on the wrong list to be discussing nss_ldap issues, that's nss-ldap@padl.com. But in fact, PADL's nss_ldap has supported multiple search bases since nss_ldap-204, released in 2003. You should re-read the nss_ldap documentation, and send your questions to the correct mailing lists.
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/