Hello.
I have one program which can authenticate with LDAP server and Active Directory with read access.
I need to authenticate extra users, but I can't add them to Active Directory for security reasons. Program can work with only one LDAP source.
I have tryed to use openldap chain overlay to join local and remote LDAP databases with refferals. Search works fine, but bind operation doesn't work, openldap writes error:
<= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30989)
Is it possible to bind to remote LDAP records with chain overlay?
------------------------------------------
database bdb
suffix "dc=local"
rootdn "cn=ldapadmin,dc=local"
rootpw 12345678
directory /var/lib/ldap
overlay chain
chain-uri "ldap://10.1.1.1/";
chain-rebind-as-user TRUE
chain-cache-uri true
chain-chaining resolve=chainingRequired continuation=chainingRequired
chain-idassert-bind bindmethod="simple"
binddn="cn=ldapuser,cn=Users,dc=test,dc=local"
credentials="123"
mode="none"
----------------------------------------
Could you recommend another solution?