
RE: Server to Server question



No way in OpenLDAP 2.0. Yes in 2.1. The 2.1alpha release has been out for a
while, and 2.1beta is due out very soon.

The documentation for the new feature hasn't been written yet, but here is an
example of how to configure 2.1; the feature you want requires either
back-ldap or back-meta to be enabled in addition to the default database
types. On serverB there is nothing different to do. On serverA you would
configure a subordinate backend instead of configuring a referral:

database ldap
suffix dc=a1,dc=a
subordinate
uri ldap://[serverB IPv6 address]/

database ldbm
suffix dc=a
[regular configuration info for "dc=a" database...]

The above config for serverA will allow anonymous searches to behave
correctly. Also, all searches by users under dc=a1,dc=a should work fine.
But a user bound as cn=user,dc=a would not be able to bind to the dc=a1,dc=a
server, so that would fail.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support

> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Alberto
> Cabellos

> Hi,
>
>     I've installed an OpenLDAP v2 (IPv6 enabled) and I've configured a
> "referral". So:
>
> My server (serverA) is managing "dc=a"
> Another OpenLDAPv2 server (serverB) is managing "dc=a1,dc=a"
>
> So, in serverA, I've configured "refldap://[serverB IPv6
> address]/dc=a1,dc=a2"
>
> When I make a search on serverA (with ldapsearch) it answers me with
> the referral. Is there any way for serverA to ask serverB
> directly?  Like a "recursive search" in DNS...
>
>
>     Thank you in advance and excuse me for my poor English...
>
>                             Best Regards,
>
>                                         Alberto