Hello:

I'm using Openldap. But I want to chain some searches to Active Directory.
Example:
What I try is to use openldap as a front-end that solves queries of domain.com an ad.red (chaining).
- Can any tell me how can be configured openldap for this (don't need secure connections with ldaps).
And a second question:
- Can any tell me how to pass authentication from opemldap to Active Directory using users/password and/or kerberos?

Thanks

Not exactly sure what you're referring to by "chaining".

At any rate, Active Directory is an LDAP system (granted, it's also Kerberos extensions to it, but still...). As such, you can query AD with the standard LDAP tools so long as you have an account in the directory to proxy your requests with. So, treat it like any other LDAP source - use the normal extensions to OpenLDAP that you would for any multi-source query system.

You'd probably want to look at OpenLDAP's "meta" backend for linking multiple LDAP sources into a common query-space.

Thanks for reply:

When I talk about chaining is about: http://www.openldap.org/doc/admin24/....html#Chaining.

But there it talks about configuring slave ldap and I think that it can be done configuring them master to send requests to slaves (I can't modify Active Directory configuration).
I try to configure openldap to work as a proxy for different ldaps, including Active Directory. All requests are received by openldap which has the data or knows where the data is stored and asks for it and sends it to the client.

I've found different pages talking about it, but I've not been able to make it work. So I'd like to know if someone has been able to do it and how.

Thanks again