[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP as a proxy for Active Directory (missing attributes)

To: Mike Olivieri <mike.olivieri@gmail.com>
Subject: Re: OpenLDAP as a proxy for Active Directory (missing attributes)
From: Marius Flage <marius@flage.org>
Date: Fri, 27 Aug 2010 07:14:52 +0200
Cc: openldap-technical@openldap.org
In-reply-to: <AANLkTikCYFfeq0NpoeUwxCqR9UJ-QWEKiFSZGiwwB1JH@mail.gmail.com>
References: <4C6E7414.1060502@flage.org> <4C6E7E02.6010006@phillipoux.net> <AANLkTikCYFfeq0NpoeUwxCqR9UJ-QWEKiFSZGiwwB1JH@mail.gmail.com>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.11) Gecko/20100713 Thunderbird/3.0.6

On 08/26/2010 11:10 PM, Mike Olivieri wrote:

> However, when I try to search for that same user using ldapsearch, I get
> no results.
> ldapsearch -x \
>         -a always \
>         -h fqa-ldap \
>         -p 9389 \
>         -D "CN=mike0,OU=Service Accounts,dc=myco_ad,dc=mycompany,dc=com" \
>         -w "password" \
>         -b "DC=MYCO_AD,dc=mycompany,dc=com" \
>         "(sAMAccountName=mikeo)"

Try omitting the search filter '(sAMAccountName)', do you get any
results then? If so, then you need to add the attribute declaration for
sAMAccountName to your schema:

attributetype ( 1.2.840.113556.1.4.221
        NAME 'sAMAccountName'
        EQUALITY caseExactMatch
        SYNTAX '1.3.6.1.4.1.1466.115.121.1.15'
        SINGLE-VALUE )

That's my only guess to this and I'll leave it to the experts if that's
not the solution :)

- Marius

References:
- OpenLDAP as a proxy for Active Directory (missing attributes)
  - From: Marius Flage <marius@flage.org>
- Re: OpenLDAP as a proxy for Active Directory (missing attributes)
  - From: Jonathan Clarke <jonathan@phillipoux.net>

Prev by Date: Re: access control, groups/organizationalRole
Next by Date: RE: tnsnames in openldap
Index(es):
- Chronological
- Thread