
OpenLDAP proxy to AD



Hi all,

I'm setting up OpenLDAP as a proxy to AD so that LDAP queries directed
to the OpenLDAP proxy then connect to the AD via LDAPS.

OpenLDAP is up and running and the LDAP backend is working fine.

When I submit a query to the proxy server (using ldapsearch) I do not get
a response (the same query directly to the AD returns what I expect).

e.g. (query modified to protect the innocent :)

ldapsearch -v -h 127.0.0.1 -b "ou=bottom,dc=middle,dc=top" "samaccountName=steve"

Running slapd with '-d -1' reveals the following ;

     get_ava: unknown attributeType samaccountName


I also have an attribute map in place and the debug reveals the following
during startup ;

   /usr/local/etc/openldap/slapd.conf: line 35: warning, destination attributeType 'samaccountname' is not defined in schema


I'm guessing that I need an Active Directory schema of some form - is one
available (I've trawled Google and the mailing list archives) - any ideas?

Cheers - Steve