
RE: Problem when using OpenLDAP query to AD server



Okie, thanks for your help. My server is running properly. I will enhance
some security features for my server later.

Thanks and Best regards,

Pham Tung Duong

-----Original Message-----
From: Pierangelo Masarati [mailto:ando@sys-net.it] 
Sent: 10 February 2009 11:41 PM
To: Duong Pham Tung
Cc: openldap-technical@openldap.org
Subject: Re: Problem when using OpenLDAP query to AD server

Duong Pham Tung wrote:
> Sorry, but if anyone can, give me an example of slapd.conf for openldap
> proxy.
> 
> I tried using idassert-bind instead of using binddn/bindpw, but nothing can
> be finished

You didn't specify what you intend to do.  First of all you may want to 
read this <http://www.openldap.org/faq/data/cache/532.html>.

If your intention is to proxy anonymous clients on an authenticated 
connection, you can use

database        ldap
suffix          "dc=example,dc=com"
uri             "ldap://ldap.example.com"
idassert-bind   bindmethod=simple
                 binddn="cn=Proxy,dc=example,dc=com"
                 credentials=proxy
                 mode=none
idassert-authzFrom "*"

Replace the binddn and credentials fields accordingly.  Beware that by 
doing this you're breaking security, since AD will see anonymous users 
as the identity you put in the binddn.  So anonymous (or any user) will 
have the privileges of the binddn.

p.


Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
-----------------------------------
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Fax:     +39 0382 476497
Email:   ando@sys-net.it
-----------------------------------
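
An added example, not part of the original thread and not OpenLDAP project code: a small audit that reads slapd.conf text and reports each `database ldap` section where `mode=none` is combined with `idassert-authzFrom "*"`, the combination the reply above warns gives every client the privileges of the binddn. The names `SAMPLE_CONF`, `logical_lines` and `audit` are hypothetical, and the sample input is constructed from the stanza in the message.

```python
import shlex

# Constructed input: a local database plus the proxy stanza from the message.
SAMPLE_CONF = '''\
database        bdb
suffix          "dc=local"
# constructed comment line
database        ldap
suffix          "dc=example,dc=com"
uri             "ldap://ldap.example.com"
idassert-bind   bindmethod=simple
                 binddn="cn=Proxy,dc=example,dc=com"
                 credentials=proxy
                 mode=none
idassert-authzFrom "*"
'''

def logical_lines(text):
    """Join continuation lines (leading whitespace), then drop comments."""
    lines = []
    for raw in text.splitlines():
        if not raw.strip():
            continue
        if raw[0].isspace() and lines:
            lines[-1] += " " + raw.strip()
        else:
            lines.append(raw.strip())
    return [l for l in lines if not l.startswith("#")]

def audit(text):
    """Return (suffix, binddn) for ldap databases serving any client as binddn."""
    sections = []
    for line in logical_lines(text):
        key, *args = shlex.split(line)
        key = key.lower()  # directive names are case-insensitive
        if key == "database":
            sections.append({"type": args[0], "suffix": None, "bind": {}, "from": []})
        elif sections and key == "suffix":
            sections[-1]["suffix"] = args[0]
        elif sections and key == "idassert-bind":
            sections[-1]["bind"] = dict(a.split("=", 1) for a in args if "=" in a)
        elif sections and key == "idassert-authzfrom":
            sections[-1]["from"] += args
    # mode=none asserts the binddn itself; "*" lets every local identity use it.
    return [(s["suffix"], s["bind"].get("binddn")) for s in sections
            if s["type"] == "ldap" and s["bind"].get("mode") == "none"
            and "*" in s["from"]]

if __name__ == "__main__":
    print(audit(SAMPLE_CONF))
```

Each tuple returned names the suffix being proxied and the identity whose privileges are exposed, which is the account to review on the AD side.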