On 04/11/2013 09:56 AM, Kevin Thorpe wrote:
You can use smart referrals to pull in an organisation unit from
another LDAP/AD
server. That means you can do a single query to find users across
several domains.
In our case this is a client's own LDAP server. Part of the
configuration is to set the
bind dn and password to access the foreign server.
configuration of what?
On a service restart these
authentication details are forgotten so the foreign directory is not
usable.
restart of dirsrv?
The way smart referrals work is that it is the responsibility of the
client to follow the referral. All the server does is send back a URL
in response to a search request e.g.
client -> bind to
ldap.example.com using the user provided credentials
client -> search for ou=remote,dc=example,dc=com
server -> err=10 (Referral) -
ldap://remote.example.com/ou=local,dc=example,dc=com
client -> bind to
remote.example.com using the user provided credentials
...
That is, the directory server doesn't store the binddn and password, so
I'm not sure where this is supposed to come from.
following these instructions:
http://www.centos.org/docs/5/html/CDS/ag/8.0/Configuring_Directory_Databa...
On 11 April 2013 16:41, Rich Megginson <rmeggins(a)redhat.com
<mailto:rmeggins@redhat.com>> wrote:
On 04/11/2013 09:25 AM, Kevin Thorpe wrote:
> Hi I'm using smart referrals to pull in a list of users from a
> foreign LDAP server.
> It's not keeping the authentication details so if I restart the
> dirsrv then those
> org units no longer work. bug? or is it something I'm doing?
Not sure what you mean by "smart referrals" and "not keeping the
authentication details"
>
> centos 5.7 dirsrv 8.2
>
> --
> Kevin Thorpe
> Chief Technical Officer
> PI Benchmark
>
>
>
> --
> 389 users mailing list
> 389-users(a)lists.fedoraproject.org
<mailto:389-users@lists.fedoraproject.org>
>
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users(a)lists.fedoraproject.org
<mailto:389-users@lists.fedoraproject.org>
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
Kevin Thorpe
Chief Technical Officer
PI Benchmark
150 Buckingham Palace Road
London SW1W 9TR, UK
T: +44 (0) 845 643 0234
F: +44 (0) 207 730 2635
W:
www.pibenchmark.com <
http://www.pibenchmark.com>
Certified under ISO/IEC 27001 : 2005 for the provision of processing,
visualisation and analysis of business, transaction and personal level
information.
Purchasing Index Ltd, Registered in England: 1728605
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager. This message contains confidential information and
is intended only for the individual named. If you are not the named
addressee you should not disseminate, distribute or copy this e-mail.
Please notify the sender immediately by e-mail if you have received
this e-mail by mistake and delete this e-mail from your system. If you
are not the intended recipient you are notified that disclosing,
copying, distributing or taking any action in reliance on the contents
of this information is strictly prohibited.
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users