Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ### Schema includes ###########################################################
- include /etc/openldap/schema/core.schema
- include /etc/openldap/schema/cosine.schema
- include /etc/openldap/schema/inetorgperson.schema
- include /etc/openldap/schema/misc.schema
- include /etc/openldap/schema/nis.schema
- ## Module paths ##############################################################
- modulepath /usr/lib64/openldap/
- moduleload back_ldap
- moduleload rwm
- ## Support both LDAPv2 and LDAPv3
- allow bind_v2
- # Main settings ###############################################################
- pidfile /var/run/openldap/slapd.pid
- argsfile /var/run/openldap/slapd.args
- ### Database definition (Proxy to AD) #########################################
- database ldap
- readonly yes
- protocol-version 3
- rebind-as-user yes
- uri "ldap://10.0.0.90:389"
- suffix "DC=secretdomain,DC=com"
- idassert-bind bindmethod=simple
- binddn="CN=MropenLDAP,OU=Administration,DC=secretdomain,DC=com"
- credentials=topsecretpass
- mode=none
- idassert-authzFrom "*"
- overlay rwm
- rwm-map attribute uid sAMAccountName
- rwm-map attribute mail proxyAddresses
- ### Logging ###################################################################
- logfile /var/log/slapd/slapd.log
- loglevel 1
- ldapsearch -H ldap://10.0.0.90 -x -b "OU=Administration,DC=secretdomain,DC=com" -v -LLL "(samaccountname=someusername)"
- ldapsearch -H ldap://10.0.0.90 -x -b "OU=Administration,DC=secretdomain,DC=com" -v -LLL
- ldap_initialize( ldap://10.0.0.90:389/??base )
- filter: (objectclass=*)
- requesting: All userApplication attributes
- Operations error (1)
- Additional information: 000004DC: LdapErr: DSID-0C0906E8, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db1
- ldapsearch -H ldap://10.0.0.90 -x -b "OU=Administration,DC=secretdomain,DC=com" -v -LLL -D "CN=MropenLDAP,OU=Administration,DC=secretdomain,DC=com" "(samaccountname=someusername)" -w topsecretpass
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement