On Tue, Jan 22, 2008 at 01:14:47AM -0800, Howard Chu wrote:
Aiko Barz wrote:
Hello,
is it possible to create an Active Directory forest with multible subdomains and make those informations available for one Linux machine? Right now, we have one domain and it is possible to do authentication against the Active Directory, while using OpenLDAP, PAM and Kerberos.
There's nothing in OpenLDAP that would prevent this. This is a question more suited to either the pam_ldap or nss_ldap mailing lists. The only problem is you might have cn=userA representing two different users in both domains at once, and you'll have to have some kind of policy for dealing with those situations.
Hello,
I was testing a subdomain configuration and I wondered: What happened to the -C switch? And will there be support for following referrals with credentials?
Debian/Testing:
$ ldapsearch -h 2>&1| grep "-C" | wc -l 0
$ ldapsearch -VV ldapsearch: @(#) $OpenLDAP: ldapsearch 2.4.7 (Jan 22 2008 00:11:57) $ buildd@ninsei:/build/buildd/openldap2.3-2.4.7/debian/build/clients/tools (LDAP library: OpenLDAP 20407)
So long, Aiko