2017-05-29 19:00 GMT+02:00 Dan White <[email protected]>: > On 05/29/17 23:36 +0900, Alexandre Rosenberg wrote: >> >> I am in a environment where we use both OpenLDAP and Active Directory. >> All Linux servers authenticate against OpenLDAP where we have user group, >> unix group (...) > > >> This means that if perform a BIND and a search, the BIND should be >> performed against the AD but the search result should from OpenLDAP. >> (anonymous search is fine) > > >> The short username are used in in OpenLDAP like this: >> >> uid=john01,ou=People,dc=example,dc=com >> >> While the AD uses the long username. From my test when binding to AD, only >> the "DN" is simply set to the username. >> >> [email protected] > > > Pass-through authentication should work if you're performing simple binds. > Chapter 14 of the admin guide has a good example.
You can also find a tutorial here: https://ltb-project.org/documentation/general/sasl_delegation Clément.
