Juan Miscaro wrote:
On 14 December 2011 17:44, Quanah Gibson-Mount<qua...@zimbra.com> wrote:
--On Wednesday, December 14, 2011 3:40 PM -0500 Juan Miscaro
<jmisc...@gmail.com> wrote:
I would like to use the slapd-ldap backend as a proxy to Active
Directory (Windows Server 2008 R2).
Firstly, AD can be queried directly:
Does your local OpenLDAP have a schema file that defines the AD attributes
you are using?
No. I read that since OpenLDAP 2.3 this was not necessary (I'm
running 2.4.25 on Ubuntu 11.10). I got my project from a tutorial [1]
where this all worked.
[1]: http://is.gd/dqM1Ts (see section "Using OpenLDAP 2.3 to Pass
Unknown Schema" on page 2)
The passthru of unknown schema is just a hack. It will allow you to see some
data but without actual schema definitions it can't do proper normalization,
case matching, filter parsing, etc... Everything works better with actual
schema defined.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/