[Date Prev][Date Next] [Chronological] [Thread] [Top]

back-ldap: how to bind to remote server?

To: openldap-software@openldap.org
Subject: back-ldap: how to bind to remote server?
From: Székelyi Szabolcs <cc@mail.3d.hu>
Date: Mon, 23 Apr 2007 23:06:12 +0200
Openpgp: url=http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5AB33243
User-agent: Icedove 1.5.0.10 (X11/20070329)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

I'm trying to use OpenLDAP as a proxy. I want it to bind to the remote
LDAP server with a fixed dn, and use that dn for searches. This way,
any dn binding to the proxy (even anonymously) could see objects and
attributes that the dn used to bind to the real LDAP server can see.

My problem is that it seems that the proxy does not bind to the remote
server (in other words, it binds anonymously), just forwards searches,
which fail this way, because the remote server requires authentication.
The binddn and bindpw configuration options are correct, I can use
ldapsearch to retrieve objects directly from the remote server.

Looking at the network traffic, I can't see the proxy attempting to bind
using the dn given in the binddn option.

Here is the relevant part of my slapd.conf:

==
database        ldap
suffix          dc=company,dc=local
chase-referrals no
lastmod         off
uri             ldap://remotehost
binddn          <binddn>
bindpw          <bindpw>
==

Is it possible to configure back-ldap this way?

Thanks,
- --
cc


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGLR/EGJRwVVqzMkMRAtG6AJ4kcCsQ3P+AdvwypvSAOx636WrlWgCfaPcO
y05t2kWjfb4CUZh5kpMzVY4=
=Puce
-----END PGP SIGNATURE-----

Follow-Ups:
- Re: back-ldap: how to bind to remote server?
  - From: "Pierangelo Masarati" <ando@sys-net.it>

Prev by Date: Re: Best practise for syncrepl security & latency?
Next by Date: Re: Syncrepl, and some objectClass errors
Index(es):
- Chronological
- Thread