On 8/22/07, Pierangelo Masarati <> wrote: > DePriest, Jason R. wrote: > > I can run ldapsearch from my OpenLDAP server and successfully query a > > remote LDAP server. > > > > My command-line looks like this (broken into lines for readability): > > ldapsearch > > -u > > -v > > -x > > -D 'cn=LDAP-proxy,ou=Service Accounts,dc=subdomain,dc=domain,dc=com' > > -w '<password>' > > -H 'ldap://server.subdomain.domain.com' > > -b 'ou=Department,dc=subdomain,dc=domain,dc=com' > > -s one > > -P 3 > > '(&(objectCategory=person)(objectClass=user)(cn=DeP*))' + > > > > It returns: > > # extended LDIF > > # > > # LDAPv3 > > # base <ou=Data Security,dc=subdomain,dc=domain,dc=com> with scope subtree > > # filter: (&(objectCategory=person)(objectClass=user)(cn=DeP*)) > > # requesting: + > > # > > > > # DePriest\2C Jason R., Department, subdomain.domain.com > > dn: CN=DePriest\, Jason R.,OU=Department,DC=subdomain,DC=domain,DC=com > > ufn: DePriest\2C Jason R., Department, subdomain.domain.com > > > > # search result > > search: 2 > > result: 0 Success > > > > # numResponses: 2 > > # numEntries: 1 > > > > Hey, look! It found me! > > > > I have tried using the ldap backend, but I'm leaning toward using the > > meta backend now. > > > > I cannot seem to figure out how to take the successful ldapsearch and > > turn it into a configuration that will proxy requests to the remote > > server. > > database meta > suffix "ou=Data Security,dc=subdomain,dc=domain,dc=com" > > uri "ldap://server.subdomain.domain.com/ou=Data > Security,dc=subdomain,dc=domain,dc=com" > protocol-version 3 > idassert-bind bindmethod=simple > binddn="cn=LDAP-proxy,ou=Service > Accounts,dc=subdomain,dc=domain,dc=com" > credentials="<password>" > mode=self > flags=non-prescriptive > > > I have what I think looks good, but I get an error while trying to do > > a query and it crashes with this: slapd: symbol lookup error: > > /usr/lib/ldap/back_meta-2.3.so.0: undefined symbol: > > ldap_back_proxy_authz_ctrl > > You need to load back_ldap.la as well, as it provides the missing symbol. > > p. > > > > Ing. Pierangelo Masarati > OpenLDAP Core Team > > SysNet s.r.l. > via Dossi, 8 - 27100 Pavia - ITALIA > http://www.sys-net.it > --------------------------------------- > Office: +39 02 23998309 > Mobile: +39 333 4963172 > Email: [EMAIL PROTECTED] > --------------------------------------- >
I have added moduleload back_ldap along with those I already had moduleload back_bdb moduleload back_meta and made your other suggested changes. I get an error trying to start the slapd daemon. line 82 (idassert-bind ***) slapd: symbol lookup error: /usr/lib/ldap/back_meta-2.3.so.0: undefined symbol: slap_idassert_parse_cf
