[Date Prev][Date Next]
LDAP proxy with features
- To: <OpenLDAP-software@OpenLDAP.org>
- Subject: LDAP proxy with features
- From: "Pratt, Benjamin E." <email@example.com>
- Date: Mon, 5 Dec 2005 07:56:57 -0600
- Content-class: urn:content-classes:message
- Thread-index: AcX5o8FzZFT/OVTAQf251NIjFSVpNg==
- Thread-topic: LDAP proxy with features
Hello. A few months ago I tried setting up an OpenLDAP server to:
1. Act as a proxy to several other LDAP servers.
2. Accept LDAP requests and convert them to LDAPS requests before going
to backend servers.
3. Allow attribute mapping for specific attributes to certain backend
I was running OpenLDAP 2.2 and had points 2 and 3 working great but
point 1 was a problem because many of the other LDAP attributes didn't
pass through the proxy.
This week I started looking into this again and saw a posting to the
list from a user who said that OpenLDAP 2.3 resolves this issue. I
upgraded and yes, the proxying of attributes to the backend server issue
was resolved. Unfortunately points 2 and 3 were broken.
I installed the FreeBSD port using the command:
make CONFIGURE_ARGS="--enable-ldap=yes --enable-meta=yes
--enable-rewrite=yes --enable-rwm=yes --with-tls=openssl" install clean
My slapd.conf file contains:
rwm-map attribute displayName cn
uri "ldap://22.214.171.124 ldap://126.96.36.199
When I change the uri to point to protocols ldaps (e.g.
ldaps://188.8.131.52) the proxy breaks. Also, I used to have "map
attribute displayName cn" working but now the configuration appears to
be rwm-map but that is not working.
Are my install options correct for LDAPS? Is a proxy conversion from
LDAP to LDAPS still possible?
Am I using the map attribute options correctly? If not, what is the
I appreciate any help that the community has to offer. If I need to
provide any more info please let me know. Thanks.