
Transparent proxy, (objectClass=user) not being relayed. Schema issue?


I'm attempting to configure a slapd server in a very simple transparent proxy configuration. I'm having a problem where clients for this proxy have an (objectClass=user) filter defined. This filter is being replaced with (!(objectClass=*)) when the searchRequest is relayed to the backend LDAP server.

I believe this is something missing in the schema, though I'm very new to LDAP. I've already included an AD schema in my slapd.conf to resolve some AD-specific filters I had trouble with.

I've attempted to uncomment and modify the core.schema's definition of attributetype NAME objectClass, and commented out what I suspected was the conflicting duplicate attributeType NAME supportedApplicationContext. 

But I can't get slapd to start. I keep getting a duplicate attribute type error in the config. 

hdb_back_initialize: Sleepycat Software: Berkeley DB 4.4.20: (January 10, 2006)
/etc/openldap/schema/core.schema: line 66: Duplicate attributeType: ""
slapd-ldap destroy: freeing system resources.
slapd stopped.
connections_destroy: nothing to destroy.

I would appreciate any guidance to help resolve my problem. All I want is the filter (objectClass=user) to be relayed correctly from the slapd service to the LDAP proxy backend. 

Thanks in advance!