Re: LDAP proxy

Michal Rejda wrote:
-----Original Message-----
From: fedora-directory-users-bounces@xxxxxxxxxx
[mailto:fedora-directory-users-bounces@xxxxxxxxxx] On Behalf Of Rich Megginson
Sent: Tuesday, April 14, 2009 4:25 PM
To: General discussion list for the Fedora Directory server project.
Subject: Re:  LDAP proxy

Michal Rejda wrote:
I tried to use http://tinyurl.com/culeft, but the database link
doesn't work. I set up the database link to the Active Directory (and
OpenLDAP). When I looked into the Wireshark log, FDS sent a search request
with controls:
	2.16.840.1.113730.3.4.2
	2.16.840.1.113730.3.4.12
And the AD server responded: Unavailable Critical Extension.

I tried to remove these two controls from Database Link Settings (in the
administration console) but it didn't help. The server didn't return
the message above, but the administrative console shows an error dialog.

What error?

I tried it again and the error message is exactly:

Error fading object 'dn: dc=example, dc=com'.
The error send by the server was:
".

In the Wireshark log there was still the search request with control:
	2.16.840.1.113730.3.4.2

Why is this control needed by the server when I removed it from Database link settings?

I'm not sure - maybe the console is not working correctly. Try this:
1) Shut down the server
2) cd /etc/dirsrv/slapd-yourinstance
3) edit dse.ldif - look for the entry
dn: cn=config,cn=chaining database,cn=plugins,cn=config
4) edit the nsTransmittedControls attribute - remove 2.16.840.1.113730.3.4.2
5) save and restart the server

Michal Rejda wrote:

Hi all,

I'm trying to set up a proxy on FDS to another LDAP server (OpenLDAP
and Active Directory). I tried two ways, but neither of them works:

1) New database link to LDAP server.

- The remote LDAP server (OpenLDAP) returns: null. manageDSAit control value not found


You might have to tweak the controls used by chaining - see
http://tinyurl.com/culeft

2) Create multiple-master replication and set up the other server as consumer.

- But this shows error: 255 Replication error acquiring replica: unknown error.


Replication will only work to a SunDS, not to any other vendor.

My question is: Is there a way to set up a proxy to access another LDAP
server from Fedora DS? I know that it is possible to use AD sync, but I
cannot install anything on the AD server. The second reason why I need
to set up a proxy is to use data stored in LDAP servers (OpenLDAP, Open
Directory Server and Active Directory) in one place. I need to update
them too. It is not necessary to synchronize passwords.


See also
http://directory.fedoraproject.org/wiki/Howto:OpenldapIntegration

Thank you for your reply.

Regards,

Michal



--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
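
Steps 3 and 4 of the procedure in the thread (editing nsTransmittedControls in the chaining config entry of dse.ldif), scripted as an added example that is not code from the thread or from the Fedora DS project. The sample LDIF, the second entry in it and the function names are constructed for illustration; the edit is scoped to the one entry and matches the OID exactly, and it is meant to be run on a copy of dse.ldif while the server is stopped.

```python
# Added example (not from the thread): scoped removal of one control OID from
# nsTransmittedControls in the chaining config entry of a dse.ldif.
CHAINING_DN = "cn=config,cn=chaining database,cn=plugins,cn=config"
MANAGE_DSA_IT = "2.16.840.1.113730.3.4.2"  # the OID named in step 4

# Constructed sample, not a real dse.ldif; the second entry is hypothetical and
# only checks that other entries are left alone. Note the folded DN line.
SAMPLE = """\
dn: cn=config,cn=chaining database,
 cn=plugins,cn=config
objectClass: top
cn: config
nsTransmittedControls: 2.16.840.1.113730.3.4.2
nsTransmittedControls: 2.16.840.1.113730.3.4.12

dn: cn=other,cn=plugins,cn=config
cn: other
nsTransmittedControls: 2.16.840.1.113730.3.4.2
"""

def unfold(ldif_text):
    """Join LDIF continuation lines (lines that start with a single space)."""
    out = []
    for line in ldif_text.splitlines():
        if line.startswith(" ") and out:
            out[-1] += line[1:]
        else:
            out.append(line)
    return out

def norm_dn(dn):
    """Case-insensitive DN comparison key; ignores spaces around commas."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def drop_transmitted_control(ldif_text, oid, entry_dn=CHAINING_DN):
    """Return (new_ldif, removed_count); output lines are written unfolded."""
    target, in_target, removed, kept = norm_dn(entry_dn), False, 0, []
    for line in unfold(ldif_text):
        if not line.strip():
            in_target = False                      # blank line ends an entry
        elif line.lower().startswith("dn:"):
            in_target = norm_dn(line[3:]) == target
        elif in_target:
            attr, _, value = line.partition(":")
            # Exact match on the value, so a longer OID sharing a prefix is not hit.
            if attr.strip().lower() == "nstransmittedcontrols" and value.strip() == oid:
                removed += 1
                continue
        kept.append(line)
    return "\n".join(kept) + "\n", removed
```

A removed count of 0 means the value was not present in that entry, which is worth checking before restarting the server.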



