On 11/22/2012 11:33 PM, Alex Samad - Yieldbroker wrote:
please do not top post.
Pretty sure I tried that
Go back and give it another test.
How does it different between anon and non anon binds to openldap
So if its an
anon to openldap -> I want to bind with the supplied credentials
non anon to openldap -> I want to bind with the supplied credential that are
supplied to openldap from the client
Does that make sense ?
Thanks
Alex
-----Original Message-----
From: Pierangelo Masarati [mailto:[email protected]]
Sent: Friday, 23 November 2012 8:30 AM
To: Alex Samad - Yieldbroker
Cc: Mailing Lists; [email protected]
Subject: RE: OpenLDAP Proxy to AD of User Objects with full/correct schema
I would be interested in this.
Where you able to get it to convert anonymous searches on openldap to
non anon searches into ad
So I wanted to be able to search email addresses from ad from openldap
. I created a read only userid for ad. But I could never work out how
to configure openldap to use the given user/password when there was a
anon request.
within the "ldap" database specification:
idassert-bind bindmethod=simple
binddn="cn=substitute-identity"
credentials="password"
mode=none
idassert-authzFrom dn.exact:""
idassert-bind bindmethod=simple
binddn="cn=substitute-identity"
credentials="password"
mode=none
flags=non-prescriptive
idassert-authzFrom dn.exact:""
Please note this has always been documented in slapd-ldap(5) since the
introduction of the idassert-bind feature. Please read the manual for
further help.
p.
--
Pierangelo Masarati
Associate Professor
Dipartimento di Ingegneria Aerospaziale
Politecnico di Milano
--
Pierangelo Masarati
Associate Professor
Dipartimento di Ingegneria Aerospaziale
Politecnico di Milano
