[Fedora-directory-users] FDS and AD

[Brian Smith]

All,
Here's what I've now done to enable the AD Back end DB for a sub tree:
1.   Click configuration and select the "dc=domain,dc=com" tree.
2.   Right click "dc=domain,dc=com" tree and select new sub suffix
3.   In New Suffix box, typed "ou=subsuffix1" and unchecked create
associated database automatically and click OK.
4.   Open "dc=domain,dc=com" and right click
"ou=subsuffix1,dc=domain,dc=com, and select "new database link.
5.   Here, I put Database link name "subsuffix1", put the bind dn and
password of a domain user account in my AD, and put the domain
controller ip in the remote server box and clicked save. (I can connect
to my AD with the DN I provided here)
6.   Check enable this suffix under ou=subsuffix1,dc=worldpub,dc=corp

now subsuffix1 database appears under ou=subsuffix1,dc=domain,dc=com. 
If I now go to the directory tab, and select the directory entry, i get
critical extension unavailable and if i use an ldap browser i get list
failed on the main tree.  Did i miss a step?  If I disable the
ou=subsuffix1,dc=domain,dc=com suffix i can browse the tree no problem. 
Thanks!
Brian Smith



Sergio Diaz wrote:
>
> FDS, OpenLDAP and AD
>
> One Directory FDS.....i want this directions to...
> Chaining Backend...
>
> Regards,
> Sergio
>
> On Mon, 2006-10-02 at 14:12 -0400, Brian Smith wrote:
>> Hello all, I've been working on getting chaining working with an active
>> directory back end for a week now.  Has anyone successfully done this or
>> have directions on setting this up?
>>
>>  Brian Smith
>>
>> Howard Chu wrote:
>> >
>> >> Date: Mon, 02 Oct 2006 10:01:55 -0600
>> >> From: Richard Megginson <rmeggins at redhat.com <mailto:rmeggins at redhat.com>>
>> >
>> >> Sergio Diaz wrote:
>> >>> Hi Richard;
>> >>>
>> >>> Openldap:
>> >>>
>> >>>   The  *meta* backend to *slapd(8)
>> >>> <http://docsrv.caldera.com:8457/cgi-bin/man?mansearchword=slapd&mansection=8 <http://docsrv.caldera.com:8457/cgi-bin/man?mansearchword=slapd&mansection=8>>*
>> >>> performs basic LDAP proxying with respect
>> >>>        to a set of remote LDAP servers,  called  "targets".   The 
>> >>> information
>> >>>        contained  in  these  servers can be presented as belonging
>> >>> to a single
>> >>>        Directory Information Tree (DIT).
>> >>>
>> >>> Its possible with FDS ??
>> >>>   
>> >> FDS has a chaining backend which allows you to use another LDAP
>> >> server to store the data.
>> >
>> > It sounds like the FDS chaining backend is similar to OpenLDAP
>> > back-ldap and/or the chaining overlay. In OpenLDAP back-ldap forwards
>> > a request to one other server (at a time; multiple servers can be
>> > configured but the others will only be used if the first server cannot
>> > be contacted). The back-meta backend is a superset of back-ldap, it
>> > can fanout single requests to multiple servers in parallel and
>> > aggregate the results. (There's also attribute mapping and DN
>> > rewriting, but those capabilities are no longer unique to back-meta,
>> > having been moved into the rewrite overlay.) With these modules you
>> > can stitch together a variety of heterogeneous directories into a
>> > coherent virtual directory.
>> >
>> >>> Regards!!
>> >>> Sergio
>> >>>
>> >>>  
>> >>> On Mon, 2006-10-02 at 07:25 -0600, Richard Megginson wrote:
>> >>>> Sergio Diaz wrote:
>> >>>>> Hi People,
>> >>>>>
>> >>>>> Its Possible Sync only in One Way ?
>> >>>>> Users Windows AD -> FDS.
>> >>>> No, not really.
>> >>>>> Or the other scenario its like OpenLDAP have a Meta Backend (2
>> >>>>> LDAPs, 1 AD), its possible with FDS ?
>> >>>> It's possible. What does the meta backend do?
>> >>>>>
>> >>>>> Regards,
>> >>>>> Sergio
>> >
>> >
>>
>> --
>> Fedora-directory-users mailing list
>> Fedora-directory-users at redhat.com <mailto:Fedora-directory-users at redhat.com>
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>     
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20061002/fc3de15c/attachment.htm>