--On Wednesday, February 12, 2025 6:38 AM -0500 Dino Edwards dino.edwards@mydirectmail.net wrote:
But here's an example for cn-config, you'd probably have to adjust for
your own environment.

dn: olcOverlay={6}remoteauth,olcDatabase={2}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcRemoteAuthCfg
olcOverlay: {6}remoteauth
olcRemoteAuthTLS: starttls=yes tls_reqcert=never
olcRemoteAuthMapping: default ldaps://ad.example.com:636
olcRemoteAuthDNAttribute: seeAlso
olcRemoteAuthDomainAttribute: maildrop
olcRemoteAuthDefaultDomain: default
olcRemoteAuthDefaultRealm: ldaps://ad.example.com:636
olcRemoteAuthStore: FALSE
olcRemoteAuthRetryCount: 3

I tried loading the example below as a remoteauth.ldif file but I got the following errors. Guessing the DN is wrong here?

67ac865a.098ae3bb 0x7eff0a2166c0 connection_input: conn=1005 deferring operation: binding
67ac865a.098c174e 0x7eff0aa176c0 conn=1005 op=1 ADD dn="olcOverlay={6}remoteauth,olcDatabase={2}mdb,cn=config"
67ac865a.098cea57 0x7eff0aa176c0 conn=1005 op=1 RESULT tag=105 err=21 qtime=0.000066 etime=0.000133 text=objectClass: value #1 invalid per syntax
ldap_add: Invalid syntax (21)
additional info: objectClass: value #1 invalid per syntax
67ac865a.098d6d29 0x7eff0a2166c0 conn=1005 op=2 UNBIND
adding new entry "olcOverlay={6}remoteauth,olcDatabase={2}mdb,cn=config"

As I said, you'll need to adjust for your environment. You also will likely need to moduleload the remoteauth overlay.
--Quanah
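
The module-load step mentioned above, followed by the overlay entry from the thread, as an added example that is not part of the original messages. The overlay passes users' bind credentials to the remote server, so this version verifies the server certificate (`tls_reqcert=demand` with a CA file) instead of using `tls_reqcert=never`. Assumptions: the module entry is `cn=module{0},cn=config`, the module is named `remoteauth` in your build, and `/path/to/ad-ca.pem` is a placeholder for the CA that issued the AD server certificate.

```ldif
# Added example, not from the original thread. Apply with ldapmodify
# (not ldapadd), because the two records use different changetypes.

# 1. Load the overlay module so slapd recognises the olcRemoteAuthCfg
#    objectClass. Assumption: modules are configured in
#    cn=module{0},cn=config and the module is named "remoteauth".
#    Skip this record if the overlay is compiled in statically.
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: remoteauth

# 2. Add the overlay entry. Values are the ones from the thread except
#    olcRemoteAuthTLS, which here requires a valid server certificate.
#    /path/to/ad-ca.pem is a placeholder; adjust the {6} and {2}
#    indexes to match your own database and overlay ordering.
dn: olcOverlay={6}remoteauth,olcDatabase={2}mdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcRemoteAuthCfg
olcOverlay: {6}remoteauth
olcRemoteAuthTLS: starttls=yes tls_cacert=/path/to/ad-ca.pem tls_reqcert=demand
olcRemoteAuthMapping: default ldaps://ad.example.com:636
olcRemoteAuthDNAttribute: seeAlso
olcRemoteAuthDomainAttribute: maildrop
olcRemoteAuthDefaultDomain: default
olcRemoteAuthDefaultRealm: ldaps://ad.example.com:636
olcRemoteAuthStore: FALSE
olcRemoteAuthRetryCount: 3
```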