[Samba] RODC in DMZ

Kees van Vloten keesvanvloten at gmail.com
Sun Jan 19 23:01:10 UTC 2025


Op 29-12-2024 om 20:29 schreef Stefan Kania via samba:
>
>
> Am 13.12.24 um 14:38 schrieb Kees van Vloten via samba:
>> There is one limitation I forgot to mention: in my config there is a 
>> module "mr_passthru", it is required if you want to do Microsoft 
>> LDAP_MATCHING_RULE_IN_CHAIN queries, e.g. for nested group membership 
>> lookups: "(memberof:1.2.840.113556.1.4.1941:=CN=...) ".
>>
>> Openldap does not support these by default.
>
> OpenLDAP supports nested groups via acl set ;-), without any aditional 
> overlay
>
Did you manage to get that working (with this kind of ldap-proxy)?

If so, could you share some examples?


- Kees.




More information about the samba mailing list