[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP as a proxy/rewrite/remap to AD for nss_ldap

Mikolaj Kucharski wrote:

I have Active Directory server, OpenLDAP server and a client machine.
AD is based on Windows Server 2003, OpenLDAP is 2.3.43-3.el5 running on
CentOS 5 i386, client machine is as well CentOS 5.

Does OpenLDAP server in any version, allows me to rewrite/remap/merge
results from:

  - Active Directory
  - internal LDAP database (or any database)

to make them suitable to nss_ldap?

AD doesn't have all attributes which are needed by nss_ldap, so I
thought to keep internal LDAP database with missing information
(uidNumber, loginShell, etc) and merge, rewrite, remap or meta this
information, and then give that result to the nss_ldap.

Yes, use slapo-translucent(5).

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/