On 08/09/2009 09:52, tom mahy wrote:
Our current setup is 2 active directories, with one openLdap.
Our applications syncs with openLdap, openLdap acts as a proxy to the
active directories, meaning we can see both AD's in OpenLdap.
This is great, but when we setup trusts in Active Directory, openLdap
detects them as simple folders, and does not apply the trust.
Therefore when we sync we only get the top folder, the trust inside it
is ignored. meaning we are missing a level.
Is there anyway of making openLdap detect these trusts and apply them ?
I'm unsure what an Active Directory "trust" is exactly. I assume it's
some kind of "integration" into the directory you're searching of data
from another directory.
If this uses, at any point, the standard notion of referrals, you may be
in luck - slapo-chain is an overlay for OpenLDAP that can follow such
However, if this is an Active Directory feature completely outside the
LDAP standard, it is unlikely that OpenLDAP will be able to understand it.
So, if it's a referral, check out slapo-chain. If not, maybe you could
tell us more about it ?