This is a small faq for repeated questions on #openldap on freenode. Some of these are not excatly questions, but it will most likely answer your question anyway.
Don't use phpldapadmin. Use Apache Directory studio if you want a gui.
Don't use nis.schema. Use rfc2307bis. It makes posixgroups auxilliary to groupOfNames, allowing you to use you groups for other types of access controlls as well, for example webapps.
- Configure /etc/nsswitch.conf
- Configure pam
- Configure nslcd OR sssd
Contact you support at microsoft.
You read, and understand the admin guide hosted at openldap.org. In short you do the following: - Create tight acls - Use kerberos for authentication - Use TLS for transport security
If you use the packages provided by a vendor, it is most likely years behind. It is not unlikely that your bug only exists in the vendors packages. Compile the latest openldap and see if the problem persist, and we will try to help you.
Contact your vendor then.