On Wed, Apr 30, 2014 at 09:11:20AM +0200, Geerten Schram wrote:
I'm trying to set up a ldap proxy in front of an Active Directory and
configure sssd on the end point using AD schema, but so far I'm not very
succesfull and now I wonder if it is feasible at all.
My first attempt is trying to use sssd directly to AD with these
id_provider = ldap
auth_provider = ldap
to no avail. I can join the AD domain and then it works. So is this
possible at all?
In general, I think this should be possible, because the AD provider is
a 'wrapper' around the LDAP ID provider and Kerberos AUTH provider for
the biggest part.
I'm afraid there is not enough information in your e-mail, though..
What exactly doesn't work getting user information or authentication? Can
you paste the logs?
Does the LDAP proxy have the same schema as AD uses, same attribute
Does the LDAP proxy allow anonymous bind? Can you search it with