[Date Prev][Date Next] [Chronological] [Thread] [Top]

Rewrite: LDAP proxy for AD


I could able to successfully use proxy functionality to connect to an AD server using the slapd configuration below.

[SNIPPET from slap.conf]
database        ldap
suffix          "OU=Da Vinci Coders,OU=Portland House,OU=Sites,DC=internal,DC=phg,DC=com,DC=au"
uri             "ldap://";

        bindmethod=simple binddn="CN=Ldap       Authentication,OU=Linux,OU=InformationTechnology,OU=Portland    House,OU=Sites,DC=internal,DC=phg,DC=com,DC=au"         credentials="test"

chase-referrals yes

idassert-bind   bindmethod=simple
                binddn="CN=Ldap Authentication,OU=Linux,OU=InformationTechnology,OU=Portland House,OU=Sites,DC=internal,DC=phg,DC=com,DC=au"
                credentials="test "

idassert-authzFrom "dn.regex:.*"

I want to use the users under the above suffix (OU=Da Vinci Coders) as users for Linux clients.

At present I cannot see them (e.g command, su - nazeerm fails) as they NOT are under " cn=users,dc=internal,dc=phg,dc=com,dc=au" or " cn=people,dc=internal,dc=phg,dc=com,dc=au".

Is there any easy of mapping    "OU=Da Vinci Coders,OU=Portland House,OU=Sites,DC=internal,DC=phg,DC=com,DC=au" to " cn=users,dc=internal,dc=phg,dc=com,dc=au ".

Thank you.


CAUTION: This email message and accompanying data may contain information 
that is confidential and/or subject to legal privilege. If you are not the 
intended recipient, you are notified that any use, dissemination, 
distribution or copying of this message or data is prohibited. 
If you have received this email message in error, please notify us 
immediately and erase all copies of this message and attachments. Thank you.