[Date Prev][Date Next]
Re: Transparent proxy, (objectClass=user) not being relayed. Schema issue?
Christopher Cprek wrote:
I'm attempting to configure a slapd server in a very simple transparent
proxy configuration. I'm having a problem where clients for this proxy have
a (objectClass=user) filter defined. This filter is being replaced with
(!(objectClass=*)) when the searchRequest is relayed to the backend LDAP
I believe this is something missing in the schema, though I'm very new to
LDAP. I've already included an AD schema in my slapd.conf to resolve some AD
specific filters I had trouble with.
I've attempted to uncomment and modify the core.schema's definition of
attributetype NAME objectClass, and commented out what I suspected was the
conflicting duplicate attributeType NAME supportedApplicationContext.
But I can't get slapd to start. I keep getting a duplicate attribute type
error in the config.
hdb_back_initialize: Sleepycat Software: Berkeley DB 4.4.20: (January 10,
/etc/openldap/schema/core.schema: line 66: Duplicate attributeType:
slapd-ldap destroy: freeing system resources.
connections_destroy: nothing to destroy.
I would appreciate any guidance to help resolve my problem. All I want is
the filter (objectClass=user) to be relayed correctly from the slapd service
to the LDAP proxy backend.
Do *not* modify standard track schema files; define the "user"
objectclass (in principle, you should be able to find about its
definition by inspecting the subschema subentry of the server you're