Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

KB-4260: How to start Centrify's ldapproxy

Authentication Service ,  

26 March,14 at 05:33 AM

Applies to: All versions of Centrify ldapproxy

After following steps mentioned in page 201 of  the below guide, how does one start ldapproxy?

ldapproxy should be run as follows by root or privileged user.

#/usr/share/centrifydc/libexec/slapd -f /etc/centrifydc/openldap/ldapproxy.slapd.conf -h ldap://engcen5.centrifyimage.vms

Where /engcen5.centrifyimage.vms is the name of the Centrify server running slapd/ldapproxy

Note: The -h flag is very important, otherwise slapd will only accept connections from localhost
One can verify if slapd  is running or not by running the below command
-bash-3.00# ps -ef|grep slapd
    root 17695     1   0   Mar 24 ?           0:00 /usr/share/centrifydc/libexec/slapd -f /etc/centrifydc/openldap/ldapproxy.slapd
One can test ldapproxy by running a query and it show display the attributes of the computer object

# /usr/share/centrifydc/bin/ldapsearch -h engcen5.centrifyimage.vms -x -b "dc=centrifyimage,dc=vms" "(&(objectclass=computer)(cn=engcen5))" memberof

Where engcen5.centrifyimage.vms is the name of the ldapserver and "dc=" should be changed to the AD domain name as seen in adinfo output and eng5 is the name of the computer object searched.