[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: successful ldapsearch -- need to turn it into a working slapd configuration for an LDAP proxy

To: "DePriest, Jason R." <jrdepriest@gmail.com>
Subject: Re: successful ldapsearch -- need to turn it into a working slapd configuration for an LDAP proxy
From: Pierangelo Masarati <ando@sys-net.it>
Date: Wed, 22 Aug 2007 18:05:38 +0200
Cc: openldap-software@openldap.org
In-reply-to: <31b7d2790708220759r74498b8bt227fb1ce5dbe7efa@mail.gmail.com>
References: <31b7d2790708220759r74498b8bt227fb1ce5dbe7efa@mail.gmail.com>
User-agent: Thunderbird 1.5.0.8 (X11/20061025)

DePriest, Jason R. wrote:

I can run ldapsearch from my OpenLDAP server and successfully query a
remote LDAP server.

My command-line looks like this (broken into lines for readability):
ldapsearch
-u
-v
-x
-D 'cn=LDAP-proxy,ou=Service Accounts,dc=subdomain,dc=domain,dc=com'
-w '<password>'
-H 'ldap://server.subdomain.domain.com'
-b 'ou=Department,dc=subdomain,dc=domain,dc=com'
-s one
-P 3
'(&(objectCategory=person)(objectClass=user)(cn=DeP*))' +

It returns:
# extended LDIF
#
# LDAPv3
# base <ou=Data Security,dc=subdomain,dc=domain,dc=com> with scope subtree
# filter: (&(objectCategory=person)(objectClass=user)(cn=DeP*))
# requesting: +
#

# DePriest\2C Jason R., Department, subdomain.domain.com
dn: CN=DePriest\, Jason R.,OU=Department,DC=subdomain,DC=domain,DC=com
ufn: DePriest\2C Jason R., Department, subdomain.domain.com

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

Hey, look!  It found me!

I have tried using the ldap backend, but I'm leaning toward using the
meta backend now.

I cannot seem to figure out how to take the successful ldapsearch and
turn it into a configuration that will proxy requests to the remote
server.


database	meta
suffix		"ou=Data Security,dc=subdomain,dc=domain,dc=com"

uri "ldap://server.subdomain.domain.com/ou=Data Security,dc=subdomain,dc=domain,dc=com" protocol-version 3 idassert-bind bindmethod=simple binddn="cn=LDAP-proxy,ou=Service Accounts,dc=subdomain,dc=domain,dc=com" credentials="<password>" mode=self flags=non-prescriptive

I have what I think looks good, but I get an error while trying to do
a query and it crashes with this: slapd: symbol lookup error:
/usr/lib/ldap/back_meta-2.3.so.0: undefined symbol:
ldap_back_proxy_authz_ctrl


You need to load back_ldap.la as well, as it provides the missing symbol.

p.

Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
---------------------------------------
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Email:   pierangelo.masarati@sys-net.it
---------------------------------------

Follow-Ups:
- Re: successful ldapsearch -- need to turn it into a working slapd configuration for an LDAP proxy
  - From: "DePriest, Jason R." <jrdepriest@gmail.com>

References:
- successful ldapsearch -- need to turn it into a working slapd configuration for an LDAP proxy
  - From: "DePriest, Jason R." <jrdepriest@gmail.com>

Prev by Date: Re: ldap_bind: Can't contact LDAP server (-1)
Next by Date: Re: Delta-syncrepl issues when missing schema
Index(es):
- Chronological
- Thread