Great :-) it starts !
After some time ... I finally tested your workaround about using replicas in the uri directive of a backend-meta
Pierangelo Masarati wrote: > Another workaround is to use semicolons ';' to separate RDNs > in the <DN> part of the URI; note that semicolons as RDN separators > are deprecated, but currently accepted by OpenLDAP's DN parsing code, > as required by rfc2253. cf then end of the mail for more ...
1st test with ; between RDN and , between URI
slapd.conf
database meta
suffix "dc=meta,dc=fr"
uri "ldap://ldaptux.int-evry.fr:9009/dc=int-evry;dc=meta;dc=fr,ldap://localhost/dc=int-evry;dc=meta;dc=fr";
suffixmassage "dc=int-evry,dc=meta,dc=fr" "dc=int-evry,dc=fr"
slapd -d 64 ...
line 93 (uri "ldap://ldaptux.int-evry.fr:9009/dc=int-evry;dc=meta;dc=fr,ldap://localhost/dc=int-evry;dc=meta;dc=fr";)
/etc/openldap/slapd_meta.conf: line 93: target 'ldap://ldaptux.int-evry.fr:9009/dc=int-evry;dc=meta;dc=fr,ldap://localhost/dc=int-evry;dc=meta;dc=fr' DN is invalid
slapd stopped.
then with space separator between URI and "URI" in double quotes:
line 93 (uri "ldap://ldaptux.int-evry.fr:9009/dc=int-evry;dc=meta;dc=fr"; "ldap://localhost/dc=int-evry;dc=meta;dc=fr";)
/etc/openldap/slapd_meta.conf: line 93: missing address in "uri <protocol>://<server>[:port]/<naming context>" line
slapd stopped.
I can't find the right syntax to allow replicas (multiple URIs) in the uri directive of the backend-meta .
If workarounds don't work , do I need really need to hack ldap_url_parselist().
Isn't it schedule for future realeses ?
thanks.
Pierangelo Masarati wrote:
OK, forget my hints, now I remember why I didn't do that right from the beginning: the call to ldap_initialize cannot assess whether the server is up or not, since the connection is actually established when the first operation is attempted. There needs be a lot of reworking to allow this kind of feature (which is not impossible in principle), but a lot of specific coding is required, and it cannot definitely done at the API level (unless extensively playing with the LDAP* structure)
More on this: the point is that ldap_initialize() expects a comma/space separated url list; unfortunately, I chose to use a (legal) URI of the form <PROTO>://[<host>]:[<PORT>]/<DN> to simultaneously specify the protocol, the host, the port AND the base dn for a specific target, and the commas in the dn are erroneously parsed into illegal URIs.
One workaround is to change ldap_url_parselist() to use only spaces as separators (dunno who relies on URI lists being comma-separated, though).
Another workaround is to use semicolons ';' to separate RDNs in the <DN> part of the URI; note that semicolons as RDN separators are deprecated, but currently accepted by OpenLDAP's DN parsing code, as required by rfc2253.
This way, you can specify a list of URIs. I haven't checked if the URIs are tried in sequence in case one or more fail.
P.M.