
openldap to AD proxy



Hi

I am still struggling with my openldap to AD proxy connection.

I have successfully connected such that I can search when I bind to openldap with an AD DN, but I want to be able to do an anonymous search, and I want anonymous to map through to a DN I have created in AD which has read-only rights.


dn: olcDatabase={3}ldap,cn=config
objectClass: olcDatabaseConfig
objectClass: olcLDAPConfig
olcDatabase: {3}ldap
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage by * read
olcReadOnly: TRUE
olcRootDN: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
olcSizeLimit: 500
olcSuffix: dc=xyz,dc=com
olcDbURI: "ldap://ldap.xyz.com"
olcDbRebindAsUser: TRUE
olcDbChaseReferrals: TRUE
olcDbACLBind: bindmethod=simple binddn="CN=ad readonly,OU=YB Services,OU=xyz,DC=xyz,DC=com" credentials=":)" starttls=no
olcDbIDAssertBind: bindmethod=none binddn="CN=ad readonly,OU=YB Services,OU=xyz,DC=xyz,DC=com" credentials=":)" starttls=no

I have a subordinate db at ou=external,DC=xyz,DC=com

I can do a

ldapsearch -x -D "CN=ad readonly,OU=YB Services,OU=xyz,DC=xyz,DC=com" -b "DC=xyz,DC=com" -w ':)'

What I can't do is

ldapsearch -x -b "DC=xyz,DC=com"

I am thinking I want to map anonymous requests through to the read-only DN, but still leave it such that when people bind to openldap as themselves they bind to AD as themselves.
How would I do that?


Thanks
Alex
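The following is an added configuration example and is not part of Alex's post or of any reply to it. It shows how the same back-ldap database looks when the identity-assertion bind is pointed at the read-only AD account, which is the mechanism slapd-ldap(5) documents for sending operations that arrive with no bound identity to the remote server under a fixed proxy identity. The DNs, suffix, URI and access control are copied from the post; "<readonly-password>" is a placeholder for the account's password; the "mode=" keyword on olcDbIDAssertBind and the olcDbIDAssertAuthzFrom attribute are taken from slapd-ldap(5), and the comments describe their effect as that man page documents it, so the configuration should be verified against the slapd version in use before it is relied on.

```ldif
# Added example, not the original poster's configuration.
# Assumes slapd 2.4 or later with cn=config and the ldap (back-ldap) backend.
dn: olcDatabase={3}ldap,cn=config
objectClass: olcDatabaseConfig
objectClass: olcLDAPConfig
olcDatabase: {3}ldap
olcSuffix: dc=xyz,dc=com
olcDbURI: "ldap://ldap.xyz.com"
olcReadOnly: TRUE
olcSizeLimit: 500
olcRootDN: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage by * read
# A client that performs a simple bind against the proxy is bound through to
# AD with its own credentials; rebind-as-user keeps those credentials for
# reconnects and referral chasing, so authenticated users stay themselves.
olcDbRebindAsUser: TRUE
olcDbChaseReferrals: TRUE
# Identity the proxy uses when it has to read AD for its own ACL evaluation
# (unchanged from the post apart from the password placeholder).
olcDbACLBind: bindmethod=simple binddn="CN=ad readonly,OU=YB Services,OU=xyz,DC=xyz,DC=com" credentials="<readonly-password>" starttls=no
# Identity asserted for operations that reach this backend without a bound
# identity of their own (an anonymous ldapsearch, for example).  With
# bindmethod=simple the proxy opens a connection to AD bound as the read-only
# account; with bindmethod=none it would not bind at all, which is why an
# anonymous search is forwarded to AD as anonymous.  mode=none sends no
# proxyAuthz control, so AD simply sees the read-only account.
olcDbIDAssertBind: bindmethod=simple binddn="CN=ad readonly,OU=YB Services,OU=xyz,DC=xyz,DC=com" credentials="<readonly-password>" mode=none starttls=no
```

Two points worth checking before using this. First, with mode=none every local identity that is not already bound through AD, including users bound to the subordinate database at ou=external, is also forwarded as the read-only account; olcDbIDAssertAuthzFrom (syntax as for authzFrom in slapd.conf(5)) limits which local identities may use the asserted identity if that is not wanted. Second, the read-only account's password is stored in cleartext in cn=config and, with starttls=no, is sent to AD in cleartext, so access to cn=config should be restricted and starttls=critical or an ldaps:// URI is preferable.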