Re: Base DN questions

[Pierangelo Masarati <masarati@aero.polimi.it>]

dannyman wrote:

> Two of them.
>
> 1) Coudn't find this in the FAQ, but I've talked to LDAP servers before
> where I did not have to specify a base DN.  I recall that there is a way
> for a client to trivially determine a reasonable base search DN.
> Anyways, is there a way to configure my server such that clients need
> not specify a base DN?

two ways:

defaultSearchBase "dc=your,dc=org"

is used whenever the search base is "" and scope is not "base";
otherwise, for the last database, you may want to use

suffixAlias    "" "dc=your,dc=org"
suffix    "dc=your,dc=org"
suffix    ""

which yields the same result.

>
>
> 2) Can I alias a base DN, such that:
> o=tellme.com -> dc=tellme,dc=com
> ou=People,o=tellme.com -> ou=People,dc=tellme,dc=com
> uid=*,ou=People,o=tellme.com -> uid=*,ou=People,dc=tellme,dc=com

again:

suffixAlias    "o=tellme.com" "dc=tellme,dc=com"
suffix    "dc=tellme,dc=com"
suffix    "o=tellme.com"


>
>
> Basically, I'd like to set it up so that if some foggy old client starts
> doing searches with a base DN of o=tellme.com that it ends up getting
> the goods on things in dc=tellme,dc=com.  I'd like to just "alias" the
> base DN, or whatever, not create a shadow o=tellmew.com where every
> object is a reference to its real counterpart in dc=tellme,dc=com.

--
Dr. Pierangelo Masarati               | voice: +39 02 2399 8309
Dip. Ing. Aerospaziale                | fax:   +39 02 2399 8334
Politecnico di Milano                 | mailto:masarati@aero.polimi.it
via La Masa 34, 20156 Milano, Italy   | http://www.aero.polimi.it/~masarati