Stephen Gran on 26 Mar 2010 13:20:21 -0700


Re: [PLUG] using OpenLDAP with Active Directory

On Fri, Mar 26, 2010 at 01:53:07PM -0400, Mike Leone said:
> Anyone? I've also posted this on the OpenLDAP mailing list, with no response
> (so far - I only sent it today).

I use:

uri ldaps://<ldapserver>
ssl on
tls_checkpeer no
base ou=Users And Groups,dc=<blah blah>
scope sub
binddn <binduser@bindomain>
timelimit 120
bind_timelimit 120
idle_timelimit 3600
nss_base_passwd ou=Users And Groups,dc=<blah blah>?sub?objectClass=user
nss_base_group ou=Users And Groups,dc=<blah blah>?sub?objectClass=group
nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman,nscd,gdm
nss_map_objectclass posixAccount User
nss_map_objectclass shadowAccount User
nss_map_attribute uid msSFU30Name
nss_map_attribute uniqueMember member
nss_map_attribute homeDirectory unixHomeDirectory
nss_map_attribute gecos cn
nss_map_objectclass posixGroup Group
pam_login_attribute msSFU30Name
pam_filter objectclass=User
pam_password ad

|  Stephen Gran                  | Don't Worry, Be Happy.   -- Meher Baba  |
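
The configuration above sets tls_checkpeer no, which means the LDAPS server certificate is not verified. The following is an added example, not part of the original message: a small audit of pam_ldap/nss_ldap-style ldap.conf text for that setting and for cleartext binds. The hostname, CA path and the function names parse and audit are assumptions made for illustration.

```python
# Added example: audit pam_ldap/nss_ldap-style ldap.conf text for weak TLS settings.
# Hostname and CA file path below are constructed placeholders.
SAMPLE_NO_VERIFY = """\
uri ldaps://ldap.example.test
ssl on
tls_checkpeer no
"""

SAMPLE_VERIFYING = """\
uri ldaps://ldap.example.test
ssl on
tls_checkpeer yes
tls_cacertfile /etc/ssl/certs/example-ad-ca.pem
"""

def parse(text):
    """Return {keyword: last value}; keywords lowercased, '#' lines skipped."""
    conf = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        conf[parts[0].lower()] = parts[1].strip() if len(parts) > 1 else ""
    return conf

def audit(text):
    """Return a list of (code, message) findings about transport security."""
    conf = parse(text)
    uris = conf.get("uri", "").lower().split()
    ssl = conf.get("ssl", "off").lower()
    checkpeer = conf.get("tls_checkpeer", "").lower()
    uses_tls = ssl in ("on", "start_tls") or any(u.startswith("ldaps://") for u in uris)
    findings = []
    if any(u.startswith("ldap://") for u in uris) and ssl not in ("on", "start_tls"):
        findings.append(("cleartext", "ldap:// URI with ssl off: binds are sent unencrypted"))
    if uses_tls and checkpeer == "no":
        findings.append(("no-verify", "tls_checkpeer no: server certificate is not verified"))
    elif uses_tls and checkpeer != "yes":
        findings.append(("unset", "tls_checkpeer is not 'yes': verification depends on the "
                                  "LDAP client library default"))
    return findings

if __name__ == "__main__":
    for name, text in (("no-verify", SAMPLE_NO_VERIFY), ("verifying", SAMPLE_VERIFYING)):
        print(name, audit(text) or "no findings")
```
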
Philadelphia Linux Users Group