
Re: Problem when using OpenLDAP query to AD server



Duong Pham Tung wrote:
> Sorry, but if anyone can, give me an example of slapd.conf for openldap
> proxy.
>
> I tried using idassert-bind instead of using binddn/bindpw, but nothing can
> be finished

You didn't specify what you intend to do. First of all you may want to read this <http://www.openldap.org/faq/data/cache/532.html>.


If your intention is to proxy anonymous clients on an authenticated connection, you can use

database        ldap
suffix          "dc=example,dc=com"
uri             "ldap://ldap.example.com"
idassert-bind   bindmethod=simple
                binddn="cn=Proxy,dc=example,dc=com"
                credentials=proxy
                mode=none
idassert-authzFrom "*"

Replace the binddn and credentials fields accordingly. Beware that by doing this you're breaking security, since AD will see anonymous users as the identity you put in the binddn. So anonymous (or any user) will have the privileges of the binddn.

p.


Ing. Pierangelo Masarati OpenLDAP Core Team

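An added example, not part of the original message or of OpenLDAP: a small Python check that reads slapd.conf text and reports each `database ldap` stanza combining `idassert-bind mode=none` with `idassert-authzFrom "*"`, the combination the reply above warns about. The sample stanzas (including the `dn.exact` rule in the second one) and the function names are constructed for illustration.

```python
import shlex

# Constructed sample: the stanza from the message, then a narrower variant.
SAMPLE = '''\
database        ldap
suffix          "dc=example,dc=com"
uri             "ldap://ldap.example.com"
idassert-bind   bindmethod=simple
                binddn="cn=Proxy,dc=example,dc=com"
                credentials=proxy
                mode=none
idassert-authzFrom "*"

database        ldap
suffix          "dc=example,dc=org"
idassert-bind   bindmethod=simple binddn="cn=Proxy,dc=example,dc=org"
                credentials=proxy mode=none
idassert-authzFrom "dn.exact:cn=app,dc=example,dc=org"
'''

def logical_lines(text):
    """Join continuation lines (leading whitespace) onto the previous line."""
    out = []
    for raw in text.splitlines():
        if not raw.strip() or raw.startswith("#"):
            continue  # blank line or comment
        if raw[0].isspace() and out:
            out[-1] += " " + raw.strip()
        else:
            out.append(raw.strip())
    return out

def audit(text):
    """Return (suffix, binddn) for ldap stanzas with mode=none and authzFrom "*"."""
    stanzas = [{"type": "global", "authz": []}]
    for key, *args in map(shlex.split, logical_lines(text)):
        key = key.lower()
        if key == "database":
            stanzas.append({"type": args[0].lower(), "authz": []})
        elif key == "suffix":
            stanzas[-1]["suffix"] = args[0]
        elif key == "idassert-bind":  # key=value arguments: binddn, mode, ...
            stanzas[-1].update(a.split("=", 1) for a in args if "=" in a)
        elif key == "idassert-authzfrom":
            stanzas[-1]["authz"].append(args[0])
    return [(s.get("suffix"), s.get("binddn")) for s in stanzas
            if s["type"] == "ldap" and s.get("mode") == "none" and "*" in s["authz"]]

if __name__ == "__main__":
    print(audit(SAMPLE))
```

Each reported pair names a suffix whose clients are all served with the privileges of the listed binddn, so that account's rights on the remote server are what needs reviewing.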