[Date Prev][Date Next] [Chronological] [Thread] [Top]

problem with ldap backend

To: "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Subject: problem with ldap backend
From: Alex Samad - Yieldbroker <Alex.Samad@yieldbroker.com>
Date: Wed, 28 Mar 2012 02:57:35 +0000
Accept-language: en-AU, en-US
Content-language: en-US
Thread-index: Ac0MjoOb9SrA8vA/STq7A7esDRNr+A==
Thread-topic: problem with ldap backend

Hi

I am trying to setup a connection from openldap to MS AD

I am using this 

dn: olcDatabase={3}ldap
objectClass: olcDatabaseConfig
objectClass: olcLDAPConfig
olcDatabase: {3}ldap
olcSuffix: dc=xyz,dc=com
olcAccess: {0}to dn.base="" by * read
olcAccess: {1}to dn.base="cn=Subschema" by * read
olcAccess: {2}to * by self write by users read by anonymous auth
olcReadOnly: TRUE
olcRootDN: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
olcSizeLimit: 500
olcDbURI: "ldap://dc101. xyz.com ldap://dc201. xyz.com"
olcDbRebindAsUser: TRUE
olcDbChaseReferrals: TRUE


This works fine when I pass a bind DN.

I would like to convert this to allow anon access to ldap, which does a user bind to MS AD so I added this


olcdbaclbind: bindmethod=simple binddn="CN=ad readonly,OU= xyz,DC= xyz,DC=com" credentials="secret" starttls=no

but it is not working, I can not make a anon search request, they retrieve any thing frome the MSAD ldap server.

Thanks

Follow-Ups:
- RE: problem with ldap backend
  - From: Alex Samad - Yieldbroker <Alex.Samad@yieldbroker.com>

Prev by Date: Can dynlist query from database hdb access entries in a database ldap on the same slapd?
Next by Date: Not deleted in Syncrepl
Index(es):
- Chronological
- Thread