Hello everyone!
I have been trying to configure slapd for a week to use it as a proxy for Google's LDAP service in order to connect some legacy applications. Since I have multiple domains in Google, I need to centralize all users into a common "dc."
Everything is working well, but the problem is that, apparently, when connecting to Google, I am provided with a certificate that I download from the admin console. However, with that certificate alone, slapd cannot connect to the target. So, I generate some credentials from the Google LDAP admin and add them to the slapd configuration. The issue is that, for some reason, slapd converts the username to lowercase, and Google rejects it because it is case-sensitive. Is it possible to disable this function? (There is no way to create a user in Google that is only in lowercase)
Here is my current slapd configuration:
################################################################
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/openldap.schema
include /etc/ldap/schema/nis.schema
modulepath /usr/lib/ldap
moduleload
back_meta.lamoduleload
back_ldap.ladatabase meta
suffix "dc=proxy"
rootdn "cn=admin,dc=proxy"
rootpw 1234
##
example.comuri "ldap://
172.25.3.127:2636/dc=proxy"
suffixmassage "dc=proxy" "dc=example,dc=com"
lastmod off
readonly on
idassert-bind bindmethod=simple
binddn="ChiwewDaw"
credentials="ASk0i9ejiosej9o303"
tls_reqcert=demand
tls_reqsan=demand
starttls=critical
tls_cert=/root/ldapcerts/ldap_cert.crt
tls_key=/root/ldapcerts/ldap_cert.key
tls_cacert=/root/ldapcerts/ca/gtsr1.pem
##################################################################
Thank you for your assistance!
(ps: If anyone knows how to make it work using only the certificate, that would be great.)