ldap proxy , relay , meta - yar145/mytestrepo1 GitHub Wiki
How To Install and Configure an LDAP Proxy-Cache Server
How To Install and Configure an LDAP Proxy-Cache Server
Configuring LDAP Proxy Server with multiple AD/LDAP Servers
Control Directory Services with LDAP Proxy
Real detailed description of LDAP BAckend The LDAP backend (How do I setup/configure back-ldap?)
Configuring LDAP server
memberof
Статические группы: наложение memberof , много практической информации по memberof
Статические группы: наложение memberof Статические группы: наложение memberof
OpenLDAP memberOf overlay OpenLDAP memberOf overlay
ldap filter examples
C.2. LDAP Filters and Attributes for Users, Groups, and Containers
How to write LDAP search filters
Ldap extending schema Extending schema
https://github.com/abbra/freeipa-userstatus-plugin is kind of canonical example I made to demonstrate how to extend a schema, a CLI, and a web UI, in addition to packaging this properly for an RPM-based distribution. It is a fully-working plugin.
A user status plugin example for freeIPA
/usr/local/etc/openldap/slapd.conf
cat slapd.conf.tested include /usr/local/etc/openldap/schema/core.schema
yar added
include /usr/local/etc/openldap/schema/cosine.schema include /usr/local/etc/openldap/schema/nis.schema include /usr/local/etc/openldap/schema/inetorgperson.schema include /usr/local/etc/openldap/schema/openldap.schema
pidfile /usr/local/var/run/slapd.pid argsfile /usr/local/var/run/slapd.args
Load dynamic backend modules:
yar added
moduleload rwm moduleload memberof.la
database config
#######################################################################
META Database Definitions
#######################################################################
Database
database meta suffix "dc=proxy,dc=com" rootdn "cn=manager,dc=proxy,dc=com" rootpw secret
readonly yes
LDAP 1
uri "ldap://ipa1.core.idenon.com:389/dc=proxy,dc=com"
lastmod off suffixmassage "dc=proxy,dc=com" "dc=core,dc=idenon,dc=com" idassert-bind bindmethod=simple binddn="uid=admin,cn=users,cn=accounts,dc=core,dc=idenon,dc=com" credentials="supersecret1" mode=none flags=non-prescriptive idassert-authzFrom "dn.exact:cn=manager,dc=proxy,dc=com"
#LDAP 2
uri "ldap://ipa02-dzento-v.dzento.com/dc=proxy,dc=com" suffixmassage "dc=proxy,dc=com" "dc=dzento,dc=com" idassert-bind bindmethod=simple binddn="uid=y.sobolevsky,cn=users,cn=accounts,dc=dzento,dc=com" credentials="supersecret2" mode=none flags=non-prescriptive idassert-authzFrom "dn.exact:cn=manager,dc=proxy,dc=com"
yar added
overlay memberof
ldapsearch -h 127.0.0.1 -b dc=proxy,dc=com -D cn=manager,dc=proxy,dc=com -w \secret uid=yaruser * memberOf