
Re: How do I tell ldapsearch to authenticate to the referred to LDAP server when chasing a referral?



You cannot.  ldapsearch(1) can only chase referrals anonymously.

On Jul 17, 2007, at 7:53 AM, Comisario, Alejandro wrote:

Hello everyone.

I have an OpenLDAP 2.3.30 running on Debian Etch Stable in a DMZ, managing
external users for an application.
But at the same time I want this OpenLDAP to communicate, when given a
specific DN, with another directory service on my internal network.
The connection between the two machines passing through the firewall is
correct.


The references are:
OpenLDAP machine    : doldap.sc.com with domain dc=si,dc=com
the other directory : adldap.adsc.com with domain dc=adsc,dc=com

I defined the referral like this:
dn: ou=test,dc=adsc,dc=com
objectClass: referral
objectClass: extensibleObject
dc: prueba
ref: ldap://adldap.adsc.com/ou=test,dc=adsc,dc=com

So, when I query something like this (anonymous):
ldapsearch -b "ou=test,dc=adsc,dc=com" -H ldap://doldap.sc.com -x

I get this response:
# extended LDIF
#
# LDAPv3
# base <ou=prueba,dc=adsc,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# search result
search: 2
result: 10 Referral
ref: ldap://adldap.adsc.com/ou=prueba,dc=adsc,dc=com??sub

# numResponses: 1

So, apparently the referral for that query is found. Next I tell ldapsearch
to follow it:
ldapsearch -b "ou=test,dc=adsc,dc=com" -H ldap://doldap.sc.com -x -C


OpenLDAP tries to follow the referral and gets this response from the other
service:
# extended LDIF
#
# LDAPv3
# base <ou=prueba,dc=adsc,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#


# search result
search: 2
result: 1 Operations error
text: 00000000: LdapErr: DSID-0C090627, comment: In order to perform this
operation a successful bind must be completed on the connection., data 0,
vece


# numResponses: 1

So, how do I tell ldapsearch to authenticate to the referred-to LDAP server
when chasing a referral?
Hope someone can help me.


Regards.

.A l e j a n d r o.
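
Added example, not part of the original thread: because ldapsearch chases referrals anonymously, one workaround is to read the ref: URL from the first result and run a second, authenticated search against the referred server yourself. The trusted-host allowlist, the bind DN and the use of StartTLS (-ZZ) are assumptions of this example; the sample output is constructed from the result quoted above.

```python
import shlex
from urllib.parse import urlsplit, unquote

# Assumption: the only servers allowed to receive bind credentials.
TRUSTED_HOSTS = {"adldap.adsc.com"}

# Constructed sample: the referral result shown in the thread.
SAMPLE_OUTPUT = """\
# search result
search: 2
result: 10 Referral
ref: ldap://adldap.adsc.com/ou=prueba,dc=adsc,dc=com??sub
"""

def extract_referrals(output):
    """Return the URLs from the 'ref:' lines of ldapsearch output."""
    return [l.split(":", 1)[1].strip() for l in output.splitlines()
            if l.startswith("ref:")]

def parse_ldap_url(url):
    """Split an RFC 4516 URL: scheme://host[:port]/dn?attrs?scope?filter."""
    p = urlsplit(url)
    if p.scheme not in ("ldap", "ldaps") or not p.hostname:
        raise ValueError("not a usable LDAP URL: %r" % url)
    attrs, scope, filt = (p.query.split("?") + ["", "", ""])[:3]
    if scope not in ("", "base", "one", "sub"):
        raise ValueError("bad scope in %r" % url)
    return {
        "scheme": p.scheme, "host": p.hostname, "port": p.port,
        "base": unquote(p.path.lstrip("/")),
        "attrs": [unquote(a) for a in attrs.split(",") if a],
        "scope": scope or "base",                      # RFC 4516 default
        "filter": unquote(filt) or "(objectClass=*)",  # RFC 4516 default
    }

def authenticated_search_argv(url, bind_dn):
    """Build an ldapsearch command that binds to the referred server."""
    r = parse_ldap_url(url)
    if r["host"] not in TRUSTED_HOSTS:
        # A referral names the next server; never send credentials blindly.
        raise PermissionError("refusing to bind to %s" % r["host"])
    uri = "%s://%s" % (r["scheme"], r["host"])
    if r["port"]:
        uri += ":%d" % r["port"]
    argv = ["ldapsearch", "-x", "-H", uri, "-D", bind_dn, "-W"]
    if r["scheme"] == "ldap":
        argv.append("-ZZ")  # require StartTLS before the simple bind
    return argv + ["-b", r["base"], "-s", r["scope"], r["filter"]] + r["attrs"]

if __name__ == "__main__":
    for ref in extract_referrals(SAMPLE_OUTPUT):  # bind DN below is hypothetical
        print(shlex.join(authenticated_search_argv(ref, "cn=reader,dc=adsc,dc=com")))
```

The allowlist check matters because the referral, not the operator, chooses the host that would receive the bind DN and password.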