[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: referrals, do they work in 1.2.11
Below I have included the slapd.conf of the server that I initally
query(I'll call server1) followed by the slapd.conf of the server(server2)
being referred to.
Server2 has the data built with the DN suffix "Verison's LDAP Service" and
Server1 doesn't have any DN's with the suffix "Verison's LDAP Service". So
when I query Server1 for an entry that exists on server2 should the referral
work? I'm still getting Object not found. Are my suffixs setup correctly?
Thanks
-john
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
schemacheck on
#loglevel 256
referral ldap://anpimg.ism.comversens.com:20911/
include /usr/local/ldap/ANP20/slapd.at.conf
include /usr/local/ldap/ANP20/slapd.oc.conf
pidfile /usr/local/ldap/ANP20/slapd.pid
argsfile /usr/local/ldap/ANP20/slapd.args
database ldbm
suffix "c=US"
suffix "o=sbc,c=US"
suffix "o=BellSouth's LDAP Service, c=US"
suffix "o=Verizon's LDAP Service, c=US"
suffix "dc=btrd.bostontechnology.com, dc=com"
index dn,e164Digit,cn,Tnic pres,eq,approx
directory /usr/local/ldap/ANP20/database
rootdn "cn=Manager, dc=btrd.bostontechnology.com, dc=com"
rootpw secret
dbcachenowsync
#dbcachesize 25000000
# cleartext passwords, especially for the rootdn, should
# be avoid. See slapd.conf(5) for details.
########################### the end
############################################
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
schemacheck on
#loglevel 256
include /usr/local/ldap/ANP20/referral/slapd.at.conf
include /usr/local/ldap/ANP20/referral/slapd.oc.conf
pidfile /usr/local/ldap/ANP20/referral/slapd.pid
argsfile /usr/local/ldap/ANP20/referral/slapd.args
database ldbm
suffix "c=US"
suffix "o=sbc,c=us"
suffix "o=Verizon's LDAP Service, c=US"
suffix "o=BellSouth's LDAP Service, c=us"
suffix "dc=btrd.bostontechnology.com, dc=com"
index dn,e164Digit,cn,Tnic pres,eq,approx
directory /usr/local/ldap/ANP20/referral/database
rootdn "cn=Manager, dc=btrd.bostontechnology.com, dc=com"
rootpw secret
dbcachenowsync
#dbcachesize 25000000
# cleartext passwords, especially for the rootdn, should
# be avoid. See slapd.conf(5) for details.
########################### the end
############################################
-----Original Message-----
From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org]
Sent: Thursday, October 12, 2000 11:17 AM
To: Downs, John
Cc: 'openldap-software@openldap.org'
Subject: Re: referrals, do they work in 1.2.11
At 10:17 AM 10/12/00 -0400, Downs, John wrote:
>We are having no luck getting referrals to work in OpenLDAP 1.2.11.
>Does it work?
Other than the known limitations (see list for details)
of U-Mich LDAPv2+ referrals, they work just fine.
> Is there a special trick to getting it to work.
No special tricks... other than proper configuration. See
the U-Mich guide here for details.
http://www.openldap.org/faq/index.cgi?file=106
>I have the referral
>line set in the slapd.conf
>file. When I try to query that server for a non-existent DN it promptly
>returns "object no found"
>and shows no sign of following the referral.
The default referral (slapd.conf/referral) is should be returned
to the client if the requested DN is under any of the configured
suffixes (naming contexts). That is, the default referral holds
the a reference to the superior service. Note that the server
doesn't "follow" the referral itself, it returns the referral to
the client so the client can follow it.
Subordinate referrals are held in the directory (as referral
entries) and these will be returned to the client only(*) as
search continuations [* this is one of the above mentioned
limitations].
>Is there a relationship between searchbasedn and
>referrals? What is it?
Yes. If the requested search base is not below any of the
services suffixes, the default (superior) referral is returned
if provided in slapd.conf else noSuchObject. If the requested
search base is below a service suffix but is not held by the
backend, noSuchObject is returned. If the requested search base
is below a service suffix, but is held by the backend, all
referrals within scope are returned. These are referred to as
"search continuations" or "search references".