RE: problem with ldap backend
Hi
I have progressed a little bit further
I have stopped using olcdbaclbind and started to use
olcDbIDAssertAuthzFrom: "*"
olcDbIDAssertBind: bindmethod=none authzId="CN=ad readonly,OU=Services ,DC= xyz,DC=com" credentials="secret" starttls=no
but I get this
text: 000004DC: LdapErr: DSID-0C0906E8, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db1
I am able to ldapsearch with these credentials. I also tried changing bindmethod to simple, but got the same error.
How do I turn on debug for the ldap backend?
Anyone have any ideas on how to make this work?
Alex
> -----Original Message-----
> From: openldap-technical-bounces@OpenLDAP.org [mailto:openldap-technical-
> bounces@OpenLDAP.org] On Behalf Of Alex Samad - Yieldbroker
> Sent: Wednesday, 28 March 2012 1:58 PM
> To: openldap-technical@openldap.org
> Subject: problem with ldap backend
>
> Hi
>
> I am trying to setup a connection from openldap to MS AD
>
> I am using this
>
> dn: olcDatabase={3}ldap
> objectClass: olcDatabaseConfig
> objectClass: olcLDAPConfig
> olcDatabase: {3}ldap
> olcSuffix: dc=xyz,dc=com
> olcAccess: {0}to dn.base="" by * read
> olcAccess: {1}to dn.base="cn=Subschema" by * read
> olcAccess: {2}to * by self write by users read by anonymous auth
> olcReadOnly: TRUE
> olcRootDN: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
> olcSizeLimit: 500
> olcDbURI: "ldap://dc101. xyz.com ldap://dc201. xyz.com"
> olcDbRebindAsUser: TRUE
> olcDbChaseReferrals: TRUE
>
>
> This works fine when I pass a bind DN.
>
> I would like to convert this to allow anon access to ldap, which does a user bind
> to MS AD so I added this
>
>
> olcdbaclbind: bindmethod=simple binddn="CN=ad readonly,OU= xyz,DC=
> xyz,DC=com" credentials="secret" starttls=no
>
> but it is not working, I can not make an anon search request, they retrieve
> anything from the MSAD ldap server.
>
> Thanks