All,
Here's what I've now done to enable the AD Back end DB for a sub tree:
1. Click configuration and select the "dc=domain,dc=com" tree.
2. Right click "dc=domain,dc=com" tree and select new sub suffix
3. In New Suffix box, typed "ou=subsuffix1" and unchecked create
associated database automatically and click OK.
4. Open "dc=domain,dc=com" and right click
"ou=subsuffix1,dc=domain,dc=com, and select "new database link.
5. Here, I put Database link name "subsuffix1", put the bind dn and
password of a domain user account in my AD, and put the domain
controller ip in the remote server box and clicked save. (I can connect
to my AD with the DN I provided here)
6. Check enable this suffix under ou=subsuffix1,dc=worldpub,dc=corp
now subsuffix1 database appears under ou=subsuffix1,dc=domain,dc=com.
If I now go to the directory tab, and select the directory entry, i get
critical extension unavailable and if i use an ldap browser i get list
failed on the main tree. Did i miss a step? If I disable the
ou=subsuffix1,dc=domain,dc=com suffix i can browse the tree no problem.
Thanks!
Brian Smith
Sergio Diaz wrote:
FDS, OpenLDAP and AD
One Directory FDS.....i want this directions to...
Chaining Backend...
Regards,
Sergio
On Mon, 2006-10-02 at 14:12 -0400, Brian Smith wrote:
> Hello all, I've been working on getting chaining working with an active
> directory back end for a week now. Has anyone successfully done this or
> have directions on setting this up?
>
> Brian Smith
>
> Howard Chu wrote:
> >
> >> Date: Mon, 02 Oct 2006 10:01:55 -0600
> >> From: Richard Megginson <rmeggins(a)redhat.com
<mailto:rmeggins@redhat.com>>
> >
> >> Sergio Diaz wrote:
> >>> Hi Richard;
> >>>
> >>> Openldap:
> >>>
> >>> The *meta* backend to *slapd(8)
> >>>
<
http://docsrv.caldera.com:8457/cgi-bin/man?mansearchword=slapd&mansec...
<
http://docsrv.caldera.com:8457/cgi-bin/man?mansearchword=slapd&mansec...
> >>> performs basic LDAP proxying with respect
> >>> to a set of remote LDAP servers, called "targets".
The
> >>> information
> >>> contained in these servers can be presented as belonging
> >>> to a single
> >>> Directory Information Tree (DIT).
> >>>
> >>> Its possible with FDS ??
> >>>
> >> FDS has a chaining backend which allows you to use another LDAP
> >> server to store the data.
> >
> > It sounds like the FDS chaining backend is similar to OpenLDAP
> > back-ldap and/or the chaining overlay. In OpenLDAP back-ldap forwards
> > a request to one other server (at a time; multiple servers can be
> > configured but the others will only be used if the first server cannot
> > be contacted). The back-meta backend is a superset of back-ldap, it
> > can fanout single requests to multiple servers in parallel and
> > aggregate the results. (There's also attribute mapping and DN
> > rewriting, but those capabilities are no longer unique to back-meta,
> > having been moved into the rewrite overlay.) With these modules you
> > can stitch together a variety of heterogeneous directories into a
> > coherent virtual directory.
> >
> >>> Regards!!
> >>> Sergio
> >>>
> >>>
> >>> On Mon, 2006-10-02 at 07:25 -0600, Richard Megginson wrote:
> >>>> Sergio Diaz wrote:
> >>>>> Hi People,
> >>>>>
> >>>>> Its Possible Sync only in One Way ?
> >>>>> Users Windows AD -> FDS.
> >>>> No, not really.
> >>>>> Or the other scenario its like OpenLDAP have a Meta Backend (2
> >>>>> LDAPs, 1 AD), its possible with FDS ?
> >>>> It's possible. What does the meta backend do?
> >>>>>
> >>>>> Regards,
> >>>>> Sergio
> >
> >
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users(a)redhat.com <mailto:Fedora-directory-users@redhat.com>
>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
>