--On Wednesday, February 12, 2025 6:38 AM -0500 Dino Edwards
<[email protected]> wrote:
But here's an example for cn-config, you'd probably have to adjust for
your own environment.
dn: olcOverlay={6}remoteauth,olcDatabase={2}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcRemoteAuthCfg
olcOverlay: {6}remoteauth
olcRemoteAuthTLS: starttls=yes tls_reqcert=never
olcRemoteAuthMapping: default ldaps://ad.example.com:636
olcRemoteAuthDNAttribute: seeAlso
olcRemoteAuthDomainAttribute: maildrop
olcRemoteAuthDefaultDomain: default
olcRemoteAuthDefaultRealm: ldaps://ad.example.com:636
olcRemoteAuthStore: FALSE
olcRemoteAuthRetryCount: 3
I tried loading the example below as a remoteauth.ldif file but I got the
following errors. Guessing the DN is wrong here?
67ac865a.098ae3bb 0x7eff0a2166c0 connection_input: conn=1005 deferring
operation: binding
67ac865a.098c174e 0x7eff0aa176c0 conn=1005 op=1 ADD
dn="olcOverlay={6}remoteauth,olcDatabase={2}mdb,cn=config"
67ac865a.098cea57 0x7eff0aa176c0 conn=1005 op=1 RESULT tag=105 err=21
qtime=0.000066 etime=0.000133 text=objectClass: value #1 invalid per
syntax ldap_add: Invalid syntax (21)
additional info: objectClass: value #1 invalid per syntax
67ac865a.098d6d29 0x7eff0a2166c0 conn=1005 op=2 UNBIND
adding new entry "olcOverlay={6}remoteauth,olcDatabase={2}mdb,cn=config"
As I said, you'll need to adjust for your environment. You also will
likely need to moduleload the remoteauth overlay.
--Quanah
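
Added example, not part of the original message and not OpenLDAP project code: a small Python check over a cn=config LDIF export (for instance from slapcat -n 0). It reports a remoteauth overlay entry when no olcModuleLoad value names remoteauth, which is the step mentioned in the reply above, and when olcRemoteAuthTLS sets tls_reqcert to never or allow, so that the remote server's certificate is not enforced for the delegated bind. The sample LDIF is constructed, and parse_ldif and audit are names chosen for this example.

```python
import os
import re

# Constructed cn=config export: the overlay entry from the thread, in a
# config where no olcModuleLoad value names remoteauth.
SAMPLE_LDIF = """\
dn: cn=module{0},cn=config
objectClass: olcModuleList
olcModuleLoad: {0}back_mdb

dn: olcOverlay={6}remoteauth,olcDatabase={2}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcRemoteAuthCfg
olcRemoteAuthTLS: starttls=yes tls_reqcert=never
olcRemoteAuthMapping: default ldaps://ad.example.com:636
"""

def parse_ldif(text):
    """Split LDIF into entries: dict of lowercased attribute -> values.
    Base64 (attr::) values are not decoded."""
    entries = []
    for block in text.replace("\n ", "").split("\n\n"):  # undo line folding
        entry = {}
        for line in block.splitlines():
            if ":" in line and not line.startswith("#"):
                attr, _, value = line.partition(":")
                entry.setdefault(attr.lower(), []).append(value.strip())
        if entry:
            entries.append(entry)
    return entries

def audit(text):
    """Return (dn, finding) tuples for remoteauth overlay entries."""
    entries = parse_ldif(text)
    # "{1}/usr/lib/ldap/remoteauth.la" -> "remoteauth"
    loaded = {os.path.basename(re.sub(r"^\{\d+\}", "", v)).split(".")[0]
              for e in entries for v in e.get("olcmoduleload", [])}
    findings = []
    for e in entries:
        if "olcremoteauthcfg" not in {c.lower() for c in e.get("objectclass", [])}:
            continue
        dn = e.get("dn", ["?"])[0]
        if "remoteauth" not in loaded:
            findings.append((dn, "remoteauth module not loaded"))
        for tls in e.get("olcremoteauthtls", []):
            opts = dict(p.split("=", 1) for p in tls.split() if "=" in p)
            if opts.get("tls_reqcert") in ("never", "allow"):
                findings.append((dn, "tls_reqcert=" + opts["tls_reqcert"]))
    return findings

if __name__ == "__main__":
    for dn, finding in audit(SAMPLE_LDIF):
        print(dn, "->", finding)
```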