OpenLDAP Proxy to Active Directory

Post by Vertigo89 » 2019/12/11 07:05:53

Hi guys,

Before jumping head first to what I'm planning to do, I just want to make sure it's possible.

We have multiple Web/Mail servers that are outside our office network. We're looking to put something on our DMZ that will act as a proxy to allow users to authenticate on the external servers using their AD credentials.

I was able to get OpenLDAP with pass-through authentication using SASL to work. But the way I got it working involves creating an LDAP user for each user. Since our plan is to put at least 2 of these in place, creating all these users in all OpenLDAP servers will potentially cause a lot of overhead later on.

Is it possible to set up OpenLDAP to forward all authentication to an AD server without creating LDAP users? I've seen some references about using "database meta" and then mapping AD attributes to LDAP attributes. I'm not sure if meta databases will actually work with AD, not just another OpenLDAP server.
