[Date Prev][Date Next] [Chronological] [Thread] [Top]

subordinate + translucent

To: openldap-technical@openldap.org
Subject: subordinate + translucent
From: "Wouter D'Haeseleer" <wdh@vasco.com>
Date: Thu, 07 Oct 2010 13:55:36 +0200
Organization: Vasco Data Security

This is what I would like todo:

- Have a local DB which contains only groups under
ou=Groups,OU=example,DC=com
- Have a translucent conection to Active Directory 
- using subordinate gue this 2 databases together

This should make it possible to administrate local Groups
And add the needed Posix stuff to our ActiveDirectory users.

This seems to work exept for the translucent stuff.
I see both my databases (The AD and the Local one) I can write to my
local one (adding a group for example)

But when I want to add extra attributes to an ActiveDirectory use (using
the translucent) I can't do this
I Receive the following error "No Such Object"

It seems that I'm not able to write to the glued translucent DB.

Here is the config.


database bdb

suffix "ou=ActiveDir,OU=example,DC=com"
subordinate
directory "/var/lib/ldap-translucent"

overlay translucent
uri "ldap://remotehost";
acl-bind bindmethod=simple binddn="cn=readonlyuser,OU=example,DC=com"
credentials=secret 
idassert-bind   bindmethod=simple
binddn="cn=readonlyuser,OU=example,DC=com" credentials="secret"
mode=none flags=non-prescriptive


database bdb

suffix "OU=example,DC=com"
overlay glue
directory "/var/lib/ldap"

rootdn "cn=admin,OU=example,DC=com"
rootpw supersecure
index cn,sn,uid pres,eq,approx,sub
index objectClass eq

Prev by Date: RE: memberOf module install on ubuntu 10.04 slapd package gives:"Insufficient access" using admin interface
Next by Date: meta backend olc?
Index(es):
- Chronological
- Thread