Mikolaj Kucharski wrote:
I have Active Directory server, OpenLDAP server and a client machine. AD is based on Windows Server 2003, OpenLDAP is 2.3.43-3.el5 running on CentOS 5 i386, client machine is as well CentOS 5.
You might want to upgrade your OpenLDAP installation since 2.3.x is almost historic now and will not get much help. Yes, we all know that people want to stick to what's shipped with their favourite Linux distribution but...
AD doesn't have all attributes which are needed by nss_ldap, so I thought to keep internal LDAP database with missing information (uidNumber, loginShell, etc) and merge, rewrite, remap or meta this information, and then give that result to the nss_ldap.
You probably want to look into using slapo-translucent.
Ciao, Michael.