LDAP proxy with local database
- To: "openldap-technical@openldap.org" <openldap-technical@openldap.org>
- Subject: LDAP proxy with local database
- From: Tunguskin Petr <wmac2@yandex.ru>
- Date: Wed, 30 Jun 2010 14:14:05 +0400
Hello.
I have one program which can authenticate with an LDAP server and Active Directory with read access.
I need to authenticate extra users, but I can't add them to Active Directory for security reasons. The program can work with only one LDAP source.
I have tried to use the OpenLDAP chain overlay to join local and remote LDAP databases with referrals. Search works fine, but the bind operation doesn't work; OpenLDAP writes this error:
<= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30989)
Is it possible to bind to remote LDAP records with the chain overlay?
------------------------------------------
database bdb
suffix "dc=local"
rootdn "cn=ldapadmin,dc=local"
rootpw 12345678
directory /var/lib/ldap
overlay chain
chain-uri "ldap://10.1.1.1/"
chain-rebind-as-user TRUE
chain-cache-uri true
chain-chaining resolve=chainingRequired continuation=chainingRequired
chain-idassert-bind bindmethod="simple"
    binddn="cn=ldapuser,cn=Users,dc=test,dc=local"
    credentials="123"
    mode="none"
----------------------------------------
Could you recommend another solution?
Thank you
--