[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: back-ldap
"Randall S. Winchester" wrote:
>
> I would like to use back-ldap as a proxy from an application that is
> compiled against openldap-1.x. I would like to support backend LDAP
> servers that are either openldap-1.x for newer LDAP-V3. The
> authentication may be either simple or one of the various SASL or
> other LDAP-V3 methods of authentication.
>
> While I can use "ldapsearch -x -h remotehost" to get legacy behaviour,
> I do not see that there is a way to do the same with back-ldap.
>
> i.e. when I try "ldapsearch -x -h 127.0.0.1" I always get failures,
> with or without SASL support compiled in.
>
> It looks like it needs some of the same "connection/security" options
> as "replica" support in the slapd.conf file.
>
> I want the "localhost LDAP applications" to always talk via simple
> auth to the "localhost LDAP proxy". It should then be up to the
> slapd.conf file to tell OpenLDAP/back-ldap how to comunicate with the
> remote LDAP server. Eventially (next release...) I would like the
> "locahost LDAP applications" to use ldapi:// vis simple auth as well,
> but still with the OpenLDAP back-ldap proxy as the "mediator" to the
> remote LDAP servers.
>
> Am I missing something? I can not find anyway to change what it thinks
> it is doing...
>
> The same would apply to back-meta of course, but I can get by with
> back-ldap untill back-meta gets released.
Assuming you're using HEAD code, I guess you hit the removal
of LDAPv2 support by default; try adding "allow bind_v2"
to slapd.conf
Pierangelo.
--
Dr. Pierangelo Masarati | voice: +39 02 2399 8309
Dip. Ing. Aerospaziale | fax: +39 02 2399 8334
Politecnico di Milano |
mailto:pierangelo.masarati@polimi.it
via La Masa 34, 20156 Milano, Italy |
http://www.aero.polimi.it/~masarati
- Follow-Ups:
- Re: back-ldap
- From: Pierangelo Masarati <masarati@aero.polimi.it>
- References:
- back-ldap
- From: "Randall S. Winchester" <rsw@sendmail.com>