Re: Forwarding client requests to AD

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Ah-ha! It's all in the wording.

Once I got a clue to search on "database chaining," I found the right docs...

db

On Mar 12, 2013, at 09:46, David Barr <dafydd@xxxxxxxxxx> wrote:

Good Morning,

I'm afraid my Google-fu is failing me, this morning. Synchronizing 389-ds with Active Directory is well understood.[1] However, for various non-technical reasons, I won't be able to do that for this environment.

What I need 389-ds to do is receive an ID/Auth requests from an LDAP client, forward that request into the AD environment, and then pass the response back to the end client. I suppose I would be tasking 389-ds to act as an AD proxy server, without doing full synchronization.

For bonus points, I will be loading sudoers information[2] into 389-ds and using it for *nix privilege authorization. So, "ou=SUDOers,dc=example,dc=com" would be locally served, while "ou=People,dc=example,dc=com" and "ou=Groups,dc=example,dc=com" would be forwarded. (My SudoUser attributes will use user and group names returned from AD.)

Is using 389-ds as a AD proxy documented somewhere? Am I just not finding it?

Thanks!
David


--

David - Offbeat http://dafydd.livejournal.com
dafydd - Online http://pgp.mit.edu/
Battalion 4 - Black Rock City Emergency Services Department
Integrity*Commitment*Communication*Support

----5----1----5----2----5----3----5----4----5----5----5----6----5----7--

Werner Heisenberg is driving down the autobahn. A police officer pulls
him over. The officer says, "Excuse me, sir, do you know how fast you
were going?"
"No," replies Dr. Heisenberg, "but I know where I am."

--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users

--

David - Offbeat http://dafydd.livejournal.com
dafydd - Online http://pgp.mit.edu/
Battalion 4 - Black Rock City Emergency Services Department
Integrity*Commitment*Communication*Support

----5----1----5----2----5----3----5----4----5----5----5----6----5----7--

Rene Descartes walks into his neighborhood watering hole. The publican sees him and asks, "Will you have your usual, sir?"

Descartes ponders a moment and replies, "I think not."

And promptly disappears...



--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux