Could you detail the steps you took to set up the proxy. we are trying to accomplish the same kind of thing and I am knocking myself silly trying to make this happen..... does the proxy require the admin dn/password?
On Fri, 14 Oct 2005 21:23:57 +0200, Jan Schmidt wrote > Hi list, > > I managed to setup OpenLDAP (2.2.23 on SuSE 9.3) as read-only proxy > to our Active Directory using the ldap/meta backend. Now I've found > two annoying drawbacks. > > (1) One strange behaviour is, that a ldapsearch on the proxy returns > only a subset of the available attributes of the object. Same > ldapsearch to the Active Directory returns the full set. > > (2) Active Directory allows [EMAIL PROTECTED] as bindDN. While slapd is > configured to be a proxy it doesn't send the bindDN to the AD but > parses it. This results in an error message: <= > ldap_bv2dn([EMAIL PROTECTED])=-4 Decoding error bind: invalid dn > ([EMAIL PROTECTED]) I tried to do the rewrite stuff mentioned in slapd- > meta.5 but it doesn't work. > > Can somebody give me some hints or has anyone got a fully functional > AD-proxy configuration? > > Best regards, > Jan Schmidt > > --------------------------------------------------------------- > AG Anwendungen/Multimedia Rechenzentrum Universität Greifswald > http://www.multimedia.uni-greifswald.de/ > Tel: +49 3834 861416 Fax: +49 3834 8680016
