
problem with ldap backend


I am trying to set up a connection from OpenLDAP to MS AD.

I am using this:

dn: olcDatabase={3}ldap
objectClass: olcDatabaseConfig
objectClass: olcLDAPConfig
olcDatabase: {3}ldap
olcSuffix: dc=xyz,dc=com
olcAccess: {0}to dn.base="" by * read
olcAccess: {1}to dn.base="cn=Subschema" by * read
olcAccess: {2}to * by self write by users read by anonymous auth
olcReadOnly: TRUE
olcRootDN: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
olcSizeLimit: 500
olcDbURI: "ldap://dc101.xyz.com ldap://dc201.xyz.com"
olcDbRebindAsUser: TRUE
olcDbChaseReferrals: TRUE

This works fine when I pass a bind DN.

I would like to convert this to allow anon access to ldap, which does a user bind to MS AD, so I added this:

olcdbaclbind: bindmethod=simple binddn="CN=ad readonly,OU= xyz,DC= xyz,DC=com" credentials="secret" starttls=no

but it is not working. I cannot make an anon search request that retrieves anything from the MS AD LDAP server.