Searching child OU's for authentication

Bliss, Aaron ABliss at preferredcare.org
Tue Feb 27 16:10:02 UTC 2007 

Still no good for me...I'm not sure if our domain is configured
differently than yours that would cause the recursive query to fail....

Aaron 

-----Original Message-----
From: redhat-list-bounces at redhat.com
[mailto:redhat-list-bounces at redhat.com] On Behalf Of Gaddis, Jeremy L.
Sent: Tuesday, February 27, 2007 10:19 AM
To: General Red Hat Linux discussion list
Subject: Re: Searching child OU's for authentication

On Tue, 27 Feb 2007, Josh Miller wrote:
> The example does not accomplish what the OP describes, as it is
limited to 
> the Users OU.  The goal here is to be able to point the Apache config
at a 
> Domain Controller and have it search ALL OUs and right now there is a
seeming 
> limitation on a single top-level OU -- although any user object within
that 
> top-level OU will work.

I changed the coniguration I posted slightly from the "real" 
configuration.  In our Active Directory structure, we have an OU at 
the root-level called "Acad", therefore:

AuthLDAPURL 
ldap://my.domain.edu:389/cn=Acad,DC=domain,DC=edu?sAMAccountName?sub?(ob
jectclass=*)

With this, we're able to authenticate any user "under" the Acad OU. 
There are no user objects actually *in* the Acad OU, but there a few 
OUs under that where user objects reside.

I suppose I am not "searching all OUs" as I limit the searches to 
anything the top-level Acad OU.

HTH,
-j

-- 
Jeremy L. Gaddis, MCP, GCWN             jeremy at linuxwiz.net
LinuxWiz Consulting                     http://linuxwiz.net


-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list


Confidentiality Notice:
The information contained in this electronic message is intended for the exclusive use of the individual or entity named above and may contain privileged or confidential information.  If the reader of this message is not the intended recipient or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that dissemination, distribution or copying of this information is prohibited.  If you have received this communication in error, please notify the sender immediately by telephone and destroy the copies you received.

More information about the redhat-list mailing list