All, Here's what I've now done to enable the AD Back end DB for a sub tree: 1. Click configuration and select the "dc=domain,dc=com" tree. 2. Right click "dc=domain,dc=com" tree and select new sub suffix 3. In New Suffix box, typed "ou=subsuffix1" and unchecked create associated database automatically and click OK. 4. Open "dc=domain,dc=com" and right click "ou=subsuffix1,dc=domain,dc=com, and select "new database link. 5. Here, I put Database link name "subsuffix1", put the bind dn and password of a domain user account in my AD, and put the domain controller ip in the remote server box and clicked save. (I can connect to my AD with the DN I provided here) 6. Check enable this suffix under ou=subsuffix1,dc=worldpub,dc=corp now subsuffix1 database appears under ou=subsuffix1,dc=domain,dc=com. If I now go to the directory tab, and select the directory entry, i get critical extension unavailable and if i use an ldap browser i get list failed on the main tree. Did i miss a step? If I disable the ou=subsuffix1,dc=domain,dc=com suffix i can browse the tree no problem. Thanks! Brian Smith Sergio Diaz wrote: > > FDS, OpenLDAP and AD > > One Directory FDS.....i want this directions to... > Chaining Backend... > > Regards, > Sergio > > On Mon, 2006-10-02 at 14:12 -0400, Brian Smith wrote: >> Hello all, I've been working on getting chaining working with an active >> directory back end for a week now. Has anyone successfully done this or >> have directions on setting this up? >> >> Brian Smith >> >> Howard Chu wrote: >> > >> >> Date: Mon, 02 Oct 2006 10:01:55 -0600 >> >> From: Richard Megginson <rmeggins at redhat.com <mailto:rmeggins at redhat.com>> >> > >> >> Sergio Diaz wrote: >> >>> Hi Richard; >> >>> >> >>> Openldap: >> >>> >> >>> The *meta* backend to *slapd(8) >> >>> <http://docsrv.caldera.com:8457/cgi-bin/man?mansearchword=slapd&mansection=8 <http://docsrv.caldera.com:8457/cgi-bin/man?mansearchword=slapd&mansection=8>>* >> >>> performs basic LDAP proxying with respect >> >>> to a set of remote LDAP servers, called "targets". The >> >>> information >> >>> contained in these servers can be presented as belonging >> >>> to a single >> >>> Directory Information Tree (DIT). >> >>> >> >>> Its possible with FDS ?? >> >>> >> >> FDS has a chaining backend which allows you to use another LDAP >> >> server to store the data. >> > >> > It sounds like the FDS chaining backend is similar to OpenLDAP >> > back-ldap and/or the chaining overlay. In OpenLDAP back-ldap forwards >> > a request to one other server (at a time; multiple servers can be >> > configured but the others will only be used if the first server cannot >> > be contacted). The back-meta backend is a superset of back-ldap, it >> > can fanout single requests to multiple servers in parallel and >> > aggregate the results. (There's also attribute mapping and DN >> > rewriting, but those capabilities are no longer unique to back-meta, >> > having been moved into the rewrite overlay.) With these modules you >> > can stitch together a variety of heterogeneous directories into a >> > coherent virtual directory. >> > >> >>> Regards!! >> >>> Sergio >> >>> >> >>> >> >>> On Mon, 2006-10-02 at 07:25 -0600, Richard Megginson wrote: >> >>>> Sergio Diaz wrote: >> >>>>> Hi People, >> >>>>> >> >>>>> Its Possible Sync only in One Way ? >> >>>>> Users Windows AD -> FDS. >> >>>> No, not really. >> >>>>> Or the other scenario its like OpenLDAP have a Meta Backend (2 >> >>>>> LDAPs, 1 AD), its possible with FDS ? >> >>>> It's possible. What does the meta backend do? >> >>>>> >> >>>>> Regards, >> >>>>> Sergio >> > >> > >> >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users at redhat.com <mailto:Fedora-directory-users at redhat.com> >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20061002/fc3de15c/attachment.html
