Minimum OpenLDAP configuration to proxy multiple Active Directory domains under a single search base

时间:2021-10-12 22:41:42

[root@localhost ~]# cd /etc/openldap
[root@localhost openldap]# cat slapd.conf
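# Minimal slapd.conf: a back-meta proxy that presents two Active Directory
# domains under one virtual suffix (dc=test).

# 0x900 = 0x100 (stats: connections/operations/results) + 0x800 (entry parsing).
loglevel 0x900
include /etc/openldap/schema/core.schema
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
# back_meta uses back_ldap to talk to the remote servers, so both are loaded.
moduleload back_ldap.la
moduleload back_meta.la
# NOTE(security): this listing contains no "access" rules and no TLS settings,
# so who may query the proxy is decided only by slapd defaults and by network
# reachability of the listener. Add ACLs / bind the listener narrowly before
# using this outside a lab.
database meta
suffix "dc=test"

# --- Target 1: dc=test is rewritten to dc=smallbusiness1,dc=local ---
# NOTE(security): ldap:// combined with bindmethod=simple sends the service
# account DN, its password and all proxied results unencrypted to the domain
# controller. Prefer ldaps:// or StartTLS with certificate verification.
uri "ldap://192.168.159.3/dc=test"
suffixmassage "dc=test" "dc=smallbusiness1,dc=local"
# NOTE(security): the password is stored in clear text here. Keep this file
# readable only by root / the slapd user, use a dedicated read-only account
# with the least privilege AD allows, and replace the sample password.
# binddn= and credentials= are arguments of idassert-bind; they are indented
# because slapd.conf treats a line starting with whitespace as a continuation
# of the previous line. At column 0 they would be parsed as separate directives.
idassert-bind bindmethod=simple
  binddn="cn=guest1,cn=Users,dc=smallbusiness1,dc=local"
  credentials="Test1234"
# NOTE(security): "*" lets every client identity, including anonymous, have its
# operations carried out under the binddn above. Narrow this pattern if only
# specific users should be able to query AD through the proxy.
idassert-authzFrom "*"

# --- Target 2: dc=test is rewritten to dc=smallbusiness2,dc=local ---
# The same cleartext-transport, stored-password and authzFrom caveats as for
# target 1 apply; both service accounts also share one password in this sample.
uri "ldap://192.168.159.4/dc=test"
suffixmassage "dc=test" "dc=smallbusiness2,dc=local"
idassert-bind bindmethod=simple
  binddn="cn=guest2,cn=Users,dc=smallbusiness2,dc=local"
  credentials="Test1234"
idassert-authzFrom "*"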

# -x selects simple authentication; with no -D/-w the client binds anonymously,
# so a result here means an unauthenticated client can read AD entries through
# the proxy's idassert-bind service accounts (see idassert-authzFrom "*").
# ldapsearch(1) marks -h as deprecated in favour of -H (e.g. -H ldap://localhost).
[root@localhost openldap]# ldapsearch -x -h localhost -b "cn=Users,dc=test"