Henrik Nordstrom wrote:
>
>
> On Thu, 2 Dec 2004, Oliver Hookins wrote:
>
>> This obviously just looks in the Users container for groups and users
>> and any subtrees. I tried shortening the Base DN for both users and
>> groups to just dc=domain,dc=local but it doesn't appear to work, I
>> suspect because of the filters or something. How can I specify a base
>> DN and filter when the users may be in one of any number of OUs?
>> (even OUs nested within others)
>
>
> By speficying a base DN above all your OUs, i.e. the least common
> denominator DN, usually the top of your tree.
>
> The only requirement from the Squid LDAP tools is that the information
> is kept within a single tree.
>
> Regards
> Henrik
So far in my test case I only have the base structure of
DC=domain,DC=local and the rest something like this:
local (DC) --- domain (DC) -- Builtin (CN)
|- Computers (CN)
|- Domain Controllers (CN)
|- ForeignSecurityPrincipals (CN)
|- TestOU (OU)
|- Users (CN)
So if I have my users in Users, and specify the base dn as
CN=Users,DC=domain,DC=local it works. But if I have some users in Users
and some users in TestOU and specify my base dn as DC=domain,DC=local it
doesn't work. In fact I think it may have been coming back with an LDAP
Operations error in those cases.
Regards,
Oliver
Received on Thu Dec 09 2004 - 18:22:12 MST
This archive was generated by hypermail pre-2.1.9 : Sat Jan 01 2005 - 12:00:02 MST