[Date Prev][Date Next]
Re: Authenticating OpenLDAP client with AD
Are you hinting at running the openldap server instead of openldap
client and sync the required accounts using replication and
authenticate againt the openldap server locally ?
On 10/23/10, Benjamin Griese <email@example.com> wrote:
> Hi vinay,
> you may take a look at this:
> It's not exactly what you want, but can help you reaching the goal. :)
> Bye, Benjamin.
> On Sat, Oct 23, 2010 at 12:22, Vinay Kalkoti <firstname.lastname@example.org>
>> I am working on authenticating OpenLDAP client with AD server. I saw
>> lots of examples which map the rfc2307bis schema using nss_schema
>> attribute in ldap.conf file
>> # Enable support for RFC2307bis (distinguished names in group
>> # members)
>> nss_schema rfc2307bis
>> and also, map the attributes of the rfc2307bis to the AD server schema
>> nss_map_attribute uid msSFU30Name
>> nss_map_attribute uidNumber msSFU30UidNumber
>> nss_map_attribute gidNumber msSFU30GidNumber
>> nss_map_attribute loginShell msSFU30LoginShell
>> nss_map_attribute gecos name
>> nss_map_attribute userPassword msSFU30Password
>> nss_map_attribute homeDirectory msSFU30HomeDirectory
>> Isn't there a way I can fetch the schema from the AD server and set it
>> using nss_schema ?.
>> Basically, I am looking at fetching the schema/objectClass/Attributes
>> from the LDAP/AD server and make them as a client schema's so that I
>> don't have to keep doing the mapping using nss_map_attribute and
>> I am new to LDAP world, and I am sorry if I my question doesn't make any
>> I have seen lots of enterprise products which integrate with LDAP/AD.
>> They provide a user interface to map the server side schema
>> objectClass and attributes. I am trying to see if I can get rid of
>> this and do it internally.
> To be or not to be -- Shakespeare | To do is to be -- Nietzsche | To
> be is to do -- Sartre | Do be do be do -- Sinatra