Juan Miscaro wrote:
> On 14 December 2011 17:44, Quanah Gibson-Mount <quanah@zimbra.com> wrote:
>> --On Wednesday, December 14, 2011 3:40 PM -0500 Juan Miscaro <jmiscaro@gmail.com> wrote:
>>> I would like to use the slapd-ldap backend as a proxy to Active Directory (Windows Server 2008 R2).
>>> Firstly, AD can be queried directly:
>>
>> Does your local OpenLDAP have a schema file that defines the AD attributes you are using?
>
> No. I read that since OpenLDAP 2.3 this was not necessary (I'm running 2.4.25 on Ubuntu 11.10). I got my project from a tutorial [1] where this all worked.
>
> [1]: http://is.gd/dqM1Ts (see section "Using OpenLDAP 2.3 to Pass Unknown Schema" on page 2)

The passthru of unknown schema is just a hack. It will allow you to see some data but without actual schema definitions it can't do proper normalization, case matching, filter parsing, etc... Everything works better with actual schema defined.
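
To illustrate the reply above, here is an added example (not part of the thread and not any poster's configuration): a slapd.conf-style setup that defines one AD attribute locally before proxying with slapd-ldap. The choice of sAMAccountName, the schema file name, the Ubuntu paths, the suffix and the AD host name are assumptions.

```conf
# --- /etc/ldap/schema/ad-minimal.schema (hypothetical file name) ---
# Local definition of one AD attribute, so slapd knows its syntax and
# matching rules instead of treating it as unknown passthru schema.
# OID and syntax follow Microsoft's published sAMAccountName definition;
# the matching rules are chosen here to give case-insensitive comparison.
attributetype ( 1.2.840.113556.1.4.221
    NAME 'sAMAccountName'
    EQUALITY caseIgnoreMatch
    SUBSTR caseIgnoreSubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
    SINGLE-VALUE )

# --- slapd.conf ---
# Standard schema first, then the local AD definitions.
include     /etc/ldap/schema/core.schema
include     /etc/ldap/schema/cosine.schema
include     /etc/ldap/schema/inetorgperson.schema
include     /etc/ldap/schema/ad-minimal.schema

# Needed when back-ldap is built as a loadable module.
modulepath  /usr/lib/ldap
moduleload  back_ldap

# Proxy database: requests under this suffix are forwarded to AD.
# Suffix and URI are placeholders for the real domain.
database    ldap
suffix      "dc=example,dc=com"
uri         "ldap://ad.example.com/"
```

With the attribute defined, a filter such as `(sAMAccountName=JSmith)` is parsed and normalized by the proxy using caseIgnoreMatch rather than passed through as an undefined attribute. Every other AD attribute or object class used in filters or returned entries needs its own definition in the same way.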