[Date Prev][Date Next]
Re: OpenLDAP proxy to AD
Steve Harris wrote:
Ask AD (i.e. the schema under "subschemasubentry" in the rootDSE); you
likely need to do some manual work to cast stuff in OpenLDAP's
slapd.conf format for "attributeTypes" config statements.
I'm setting up OpenLDAP as a proxy to AD so that LDAP queries directed
to the OpenLDAP proxy then connects to the AD via LDAPS.
OpenLDAP is up and running and the LDAP backend is working fine..
When I submit a query to the proxy server (using ldapsearch) I do not get
a response (the same query directly to the AD returns what I expect).
e.g. (query modified to protect the innocent :)
ldapsearch -v -h 127.0.0.1 -b "ou=bottom,dc=middle,dc=top"
Running slapd with '-d -1' reveals the following ;
get_ava: unknown attributeType samaccountName
I also have an attribute map in place and the debug reveals the following
suring startup ;
/usr/local/etc/openldap/slapd.conf: line 35: warning, destination
attributeType 'samaccountname' is not defined in schema
I'm guessing that I need an Active Directory schema of some form - is one
available (I've trawled Google and the mailing list archives) - any ideas
SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497