Re: OpenLDAP as a proxy/rewrite/remap to AD for nss_ldap

Mikolaj Kucharski wrote:
> I have an Active Directory server, an OpenLDAP server and a client machine.
> AD is based on Windows Server 2003, OpenLDAP is 2.3.43-3.el5 running on
> CentOS 5 i386, and the client machine is CentOS 5 as well.

You might want to upgrade your OpenLDAP installation since 2.3.x is
almost historic now and will not get much help. Yes, we all know that people
want to stick to what's shipped with their favourite Linux distribution but...

> AD doesn't have all the attributes which are needed by nss_ldap, so I
> thought to keep an internal LDAP database with the missing information
> (uidNumber, loginShell, etc) and merge, rewrite, remap or meta this
> information, and then give that result to nss_ldap.

You probably want to look into using slapo-translucent.

Ciao, Michael.