Hi Marc,

could you please post your source of information & how you did a proper
configuration.
I'd like to set up a similar setup in my environment.

Thanks in advance and bye.
Benjamin

2011/7/23 Marc Schöchlin <[email protected]>

> Hi,
>
> I already discovered the source of the problem.
> After loading module "back_ldap" openldap accepted my ldif-input.
> I think it might be a really good idea to add extra information about which
> modules have to be loaded
> to get a ldap-proxy working...
>
> Does anybody have a working example for a
> "openldap-to-active-directory-proxy"
> including attribute mapping?
>
> Regards
> Marc
>
>
>
> On 16.07.2011 13:16, Marc Schöchlin wrote:
>
>> Hello OpenLDAP Users,
>>
>>
>> I set up an openldap-instance as described at
>> https://help.ubuntu.com/10.04/serverguide/C/openldap-server.html.
>>
>> It seems that the objectclass "olcOverlayConfig" is missing - where can
>> I find that objectclass?
>>
>> Is there a complete manual available which describes how to set up an
>> active directory proxy server?
>>
>> Is it possible to modify the configuration using an ldap browser like
>> active directory studio?
>>
>> To use that server as a proxy to an active directory server I am
>> trying to add the following configuration:
>>
>> proxy2.ldif
>> ---
>> dn: olcDatabase={2}ldap
>> objectClass: olcDatabaseConfig
>> objectClass: olcLDAPConfig
>> olcDatabase: {2}ldap
>> olcSuffix: dc=proxy,dc=foobar,dc=de
>> olcRootDN: dc=foobar,dc=local
>> olcDbURI: "ldap://10.45.2.11:389";
>>
>> dn: olcOverlay={0}pcache
>> objectClass: olcOverlayConfig
>> objectClass: olcPcacheConfig
>> olcOverlay: {0}pcache
>> olcPcache: bdb 100000 1 1000 100
>> olcPcacheAttrset: 0 mail postalAddress telephoneNumber
>> olcPcacheTemplate: "(sn=)" 0 3600 0 0 0
>> olcPcacheTemplate: "(&(sn=)(givenName=))" 0 3600 0 0 0
>> olcPcacheTemplate: "(&(departmentNumber=)(secretary=))" 0 3600
>>
>> dn: olcDatabase={0}hdb
>> objectClass: olcHdbConfig
>> objectClass: olcPcacheDatabase
>> olcDatabase: {0}hdb
>> olcDbDirectory: ./proxy-db.2.a
>> olcDbCacheSize: 20
>> olcDbIndex: objectClass eq
>> olcDbIndex: cn,sn,uid,mail  pres,eq,sub
>> ---
>>
>> LDAP-ADD Complains:
>>
>> # ldapadd -vvv -Y EXTERNAL -H ldapi:/// -f /etc/ldap/proxy.ldif
>> ldap_initialize( ldapi:///??base )
>> SASL/EXTERNAL authentication started
>> SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
>> SASL SSF: 0
>> add objectClass:
>>        olcDatabaseConfig
>>        olcLDAPConfig
>> add olcDatabase:
>>        {2}ldap
>> add olcSuffix:
>>        dc=proxy,dc=foobar,dc=de
>> add olcRootDN:
>>        dc=foobar,dc=local
>> add olcDbURI:
>>        "ldap://10.41.2.12:389";
>> adding new entry "olcDatabase={2}ldap"
>> ldap_add: Invalid syntax (21)
>>        additional info: objectClass: value #1 invalid per syntax
>>
>> I
>>
>>
>


-- 
To be or not to be -- Shakespeare | To do is to be -- Nietzsche | To be is
to do -- Sartre | Do be do be do -- Sinatra
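
Added example, not part of the thread and not code from the OpenLDAP project: it matches the rejected value in the ldapadd output above back to the LDIF and lists the modules that would have to be loaded first. The class-to-module table, the function names and the `cn=module{0},cn=config` DN are assumptions of this example; the LDIF and error line are constructed from the ones quoted above.

```python
import re

# objectClass -> slapd module that registers it (assumes a dynamic-module build).
MODULE_FOR_CLASS = {
    "olcLDAPConfig": "back_ldap",
    "olcPcacheConfig": "pcache",
    "olcPcacheDatabase": "pcache",
    "olcHdbConfig": "back_hdb",
}
# Constructed sample: first two entries of the proxy2.ldif quoted in the thread.
SAMPLE_LDIF = """\
dn: olcDatabase={2}ldap
objectClass: olcDatabaseConfig
objectClass: olcLDAPConfig
olcDatabase: {2}ldap

dn: olcOverlay={0}pcache
objectClass: olcOverlayConfig
objectClass: olcPcacheConfig
olcOverlay: {0}pcache
"""
SAMPLE_ERROR = "additional info: objectClass: value #1 invalid per syntax"

def parse_entries(ldif_text):
    """Return {dn: [objectClass values in file order]} for each LDIF entry."""
    entries = {}
    for block in re.split(r"\n\s*\n", ldif_text.strip()):
        pairs = [line.split(":", 1) for line in block.splitlines() if ":" in line]
        pairs = [(a.strip().lower(), v.strip()) for a, v in pairs]
        dn = next((v for a, v in pairs if a == "dn"), None)
        if dn:
            entries[dn] = [v for a, v in pairs if a == "objectclass"]
    return entries

def rejected_class(classes, error_text):
    """slapd numbers values from #0, so '#1' is the second objectClass line."""
    match = re.search(r"objectClass: value #(\d+) invalid", error_text)
    idx = int(match.group(1)) if match else -1
    return classes[idx] if 0 <= idx < len(classes) else None

def missing_modules(entries, loaded):
    """Modules the LDIF needs that are not yet loaded, in first-use order."""
    mods = [MODULE_FOR_CLASS.get(oc) for ocs in entries.values() for oc in ocs]
    return [m for m in dict.fromkeys(mods) if m and m not in loaded]

def module_load_ldif(modules, module_dn="cn=module{0},cn=config"):
    """Build a modify LDIF adding olcModuleLoad values (module_dn is assumed)."""
    head = [f"dn: {module_dn}", "changetype: modify", "add: olcModuleLoad"]
    return "\n".join(head + [f"olcModuleLoad: {m}" for m in modules]) + "\n"
```

For the sample, `rejected_class` returns `olcLDAPConfig`, the class that is unknown until back_ldap is loaded, which matches the fix Marc reports.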
