2017-05-29 19:00 GMT+02:00 Dan White <dwhite(a)cafedemocracy.org>:
On 05/29/17 23:36 +0900, Alexandre Rosenberg wrote:
> I am in a environment where we use both OpenLDAP and Active Directory.
> All Linux servers authenticate against OpenLDAP where we have user group,
> unix group (...)
> This means that if perform a BIND and a search, the BIND should be
> performed against the AD but the search result should from OpenLDAP.
> (anonymous search is fine)
> The short username are used in in OpenLDAP like this:
> While the AD uses the long username. From my test when binding to AD, only
> the "DN" is simply set to the username.
Pass-through authentication should work if you're performing simple binds.
Chapter 14 of the admin guide has a good example.
You can also find a tutorial here: