[Fedora-directory-users] LDAP proxy

Michal Rejda mrejda at kerio.com
Wed Apr 15 07:49:41 UTC 2009 


> -----Original Message-----
> From: fedora-directory-users-bounces at redhat.com [mailto:fedora-
> directory-users-bounces at redhat.com] On Behalf Of Rich Megginson
> Sent: Tuesday, April 14, 2009 4:25 PM
> To: General discussion list for the Fedora Directory server project.
> Subject: Re: [Fedora-directory-users] LDAP proxy
> 
> Michal Rejda wrote:
> > I tried to use http://tinyurl.com/culeft. But the database link
> doesn't work. I setup the database link to the Active Directory (and
> OpenLDAP). When I looked into Wireshark log, FDS send search request
> with controls:
> > 	2.16.840.1.113730.3.4.2
> > 	2.16.840.1.113730.3.4.12
> > And the AD server responded: Unavailable Critical Extension.
> >
> > I tried to remove this two controls from Database Link Settings (in
> administration console) but it didn't help. The server didn't return
> the message above, but the administrative console show error dialog.
> >
> What error?
I tried it again and the error message is exactly:

Error fading object 'dn: dc=example, dc=com'.
The error send by the server was:
".

In the Whireshark log was still the search request witch control:
	2.16.840.1.113730.3.4.2

Why is this control needed by the server when I removed it from Database link settings?

> >
> >> Michal Rejda wrote:
> >>
> >>> Hi all,
> >>>
> >>> I’m trying to setup proxy on FDS to another LDAP server (OpenLDAP
> >>> and Active Directory). I tried two ways, but none of these works:
> >>>
> >>> 1) New database link to LDAP server.
> >>>
> >>> - The remote LDAP server (OpenLDAP) returns: null. manageDSAit
> >>>
> >> control
> >>
> >>> value not found
> >>>
> >>>
> >> You might have to tweak the controls used by chaining - see
> >> http://tinyurl.com/culeft
> >>
> >>> 2) Create multiple-master replication and setup other server as
> >>>
> >> consumer.
> >>
> >>> - But this show error: 255 Replication error acquiring replica:
> >>> unknown error.
> >>>
> >>>
> >> Replication will only work to a SunDS, not to any other vendor.
> >>
> >>> My question is: Is there way how to setup proxy to access another
> >>>
> >> LDAP
> >>
> >>> server from Fedora DS? I know that is possible to use AD sync, but
> I
> >>> cannot install anything on the AD server. The second reason why I
> >>>
> >> need
> >>
> >>> to setup proxy is to use data stored in LDAP server (OpenLDAP, Open
> >>> Direcoty Server and Active Directory) in one place. I need to
> update
> >>> them too. It is not necessary to synchronize passwords.
> >>>
> >>>
> >> See also
> >> http://directory.fedoraproject.org/wiki/Howto:OpenldapIntegration
> >>
> >>> Thank you for reply.
> >>>
> >>> Regards,
> >>>
> >>> Michal
> >>>
> >>>
> >
> >
> >
> > --
> > Fedora-directory-users mailing list
> > Fedora-directory-users at redhat.com
> > https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >
>

More information about the 389-users mailing list