Still no good for me...I'm not sure if our domain is configured differently than yours that would cause the recursive query to fail.... Aaron -----Original Message----- From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Gaddis, Jeremy L. Sent: Tuesday, February 27, 2007 10:19 AM To: General Red Hat Linux discussion list Subject: Re: Searching child OU's for authentication On Tue, 27 Feb 2007, Josh Miller wrote: > The example does not accomplish what the OP describes, as it is limited to > the Users OU. The goal here is to be able to point the Apache config at a > Domain Controller and have it search ALL OUs and right now there is a seeming > limitation on a single top-level OU -- although any user object within that > top-level OU will work. I changed the coniguration I posted slightly from the "real" configuration. In our Active Directory structure, we have an OU at the root-level called "Acad", therefore: AuthLDAPURL ldap://my.domain.edu:389/cn=Acad,DC=domain,DC=edu?sAMAccountName?sub?(ob jectclass=*) With this, we're able to authenticate any user "under" the Acad OU. There are no user objects actually *in* the Acad OU, but there a few OUs under that where user objects reside. I suppose I am not "searching all OUs" as I limit the searches to anything the top-level Acad OU. HTH, -j -- Jeremy L. Gaddis, MCP, GCWN jeremy@xxxxxxxxxxxx LinuxWiz Consulting http://linuxwiz.net -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list Confidentiality Notice: The information contained in this electronic message is intended for the exclusive use of the individual or entity named above and may contain privileged or confidential information. If the reader of this message is not the intended recipient or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that dissemination, distribution or copying of this information is prohibited. If you have received this communication in error, please notify the sender immediately by telephone and destroy the copies you received. -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
