[Date Prev][Date Next] [Chronological] [Thread] [Top]

LDAP proxy with local database



Hello.

I have one program which can authenticate with LDAP server and Active Directory with read access.
I need to authenticate extra users, but I can't add them to Active Directory for security reasons. Program can work with only one LDAP source.

I have tryed to use openldap chain overlay to join local and remote LDAP databases with refferals. Search works fine, but bind operation doesn't work, openldap writes error:
<= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30989)

Is it possible to bind to remote LDAP records with chain overlay?

------------------------------------------
database        bdb
suffix          "dc=local"
rootdn          "cn=ldapadmin,dc=local"
rootpw          12345678

directory       /var/lib/ldap

overlay               chain
chain-uri             "ldap://10.1.1.1/";
chain-rebind-as-user    TRUE
chain-cache-uri         true
chain-chaining          resolve=chainingRequired continuation=chainingRequired
chain-idassert-bind     bindmethod="simple"
                      binddn="cn=ldapuser,cn=Users,dc=test,dc=local"
              credentials="123"
                      mode="none"
----------------------------------------

Could you recommend another solution?

Thank you
--