[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: one slapd to multiple backends LDAP
> Hi,
>
> I'd like to use openldap as proxy LDAP towards 2 servers (for read only).
>
> For exemple :
>
> dc=univ-nancy2,dc=fr
> _________________|______________________________
> | |
> ou=pers,dc=univ-nancy2,dc=fr ou=etudiants,dc=univ-nancy2,dc=fr
>
> Here is my configuration :
>
> database ldap
> uri ldap://neith.univ-nancy2.fr:395
> suffix "ou=pers,dc=univ-nancy2,dc=fr"
>
>
> database ldap
> uri ldap://etumel.univ-nancy2.fr:392
> suffix "ou=etudiants,dc=univ-nancy2,dc=fr"
>
> database ldbm
> suffix "dc=univ-nancy2,dc=fr"
> directory /home/ldap/ldapProxy/data
> index objectclass eq
>
> the ldif from suffix dc=univ-nancy2,dc=fr is :
>
> dn: dc=univ-nancy2,dc=fr
> objectClass: top
> objectClass: domain
> dc: univ-nancy2
>
> (only one entry)
>
> If I search :
> (uid=vmathieu) with the base ou=pers,dc=univ-nancy2,dc=fr, it works
>
> If I search :
> (uid=vmath999) with the base ou=etudiants,dc=univ-nancy2,dc=fr, it works
>
> but, if I search (uid=vmathieu) or (uid=vmath999) with the base dc=univ-nancy2,dc-fr, there is nothing.
>
> openldap Does not make the link beetween the database ldbm and the databases ldap.
>
> How can I do this?
You need to configure the proxies to point at the least common naming
context to spawn searches across the whole tree. This because the
appropriate database is selected based on the base of the request,
so if you have
# database 1
suffix "ou=pers,dc=univ-nancy2,dc=fr"
# database 2
suffix "ou=etudiants,dc=univ-nancy2,dc=fr"
and you issue a search request with base "dc=univ-nancy2,dc=fr",
none of the databases will be selected.
You should try the (experimental) back-meta; it does exactly what
you expect.
Another solution is using referrals, although in this case it is
the client's responsibility to contact the appropriate server.
Pierangelo.