
Proxy to Active Directory: lost field



Hello.

I use OpenLDAP as a proxy for M$ AD.
The problem is: I can set a filter only by some fields like CN or Name.
I can't query AD by sAMAccountName via the proxy.
Also, I can't see many AD-specific fields while browsing AD via the OpenLDAP
proxy.


Request to proxy:

ldapsearch -M -LLL -H ldap://localhost:389 -x \
  -D "cn=aduser,ou=allusers,ou=itdep,dc=domain,dc=company,dc=com" \
  -w password -x -b "dc=domain,dc=company,dc=com" \
  '(sAMAccountName=bogdan.rudas)' sAMAccountName

Returns nothing.

Request directly to AD LDAP: 

ldapsearch -M -LLL -H ldap://ADserver.domain.company.com:1234 -x \
  -D "cn=aduser,ou=allusers,ou=itdep,dc=domain,dc=company,dc=com" \
  -w password -x -b "dc=domain,dc=company,dc=com" \
  '(sAMAccountName=bogdan.rudas)' cn

Returns:

dn: CN=Bogdan Rudas.......skipped....
cn: Bogdan Rudas


Yet another request to proxy:

ldapsearch -M -LLL -H ldap://ADserver.domain.company.com:1234 -x \
  -D "cn=aduser,ou=allusers,ou=itdep,dc=domain,dc=company,dc=com" \
  -w password -x -b "dc=domain,dc=company,dc=com" \
  '(name=Bogdan Rudas)' cn sAMAccountName

dn: cn=Bogdan Rudas.......skip.....
cn: Bogdan Rudas
SAMACCOUNTNAME: bogdan.rudas

Slapd version 2.4.11-1
Running on Debian 5.0 amd64

OpenLDAP config:

include  /etc/ldap/schema/core.schema
include  /etc/ldap/schema/cosine.schema
include  /etc/ldap/schema/inetorgperson.schema
pidfile  /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args

modulepath      /usr/lib/ldap
moduleload      back_ldap


access to dn.base="" by * read
access to *
 by self read
 by users read
 by anonymous auth

loglevel   256

######################################################
# database definitions
######################################################

database ldap
suffix  "dc=intra,dc=nival,dc=com"
uri  "ldap://ADserver.domain.company.com:1234"
acl-bind bindmethod=simple
  binddn="cn=aduser,ou=allusers,ou=itdep,dc=domain,dc=company,dc=com"
  credentials=password
chase-referrals yes