[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Can I bind to server with DN not on server ?
Howard Chu wrote:
If you're using OpenLDAP 2.1 or newer, you can use back-ldap for distributing
the tree instead of using referrals. In this case, all of the naming contexts
will be defined on all of the servers, but some portions will be local
databases and some portions will be proxied via back-ldap. So in effect all
of your binds will always be contained within any of the servers' naming
contexts.
In server A:
database ldap
suffix ou=nyc,o=xyz
subordinate
uri ldap://serverB
database ldap
suffix ou=dca,o=xyz
subordinate
uri ldap://serverC
database bdb
suffix o=xyz
In server B:
database bdb
suffix ou=nyc,o=xyz
subordinate
database ldap
suffix ou=dca,o=xyz
subordinate
uri ldap://serverC
database ldap
suffix o=xyz
uri ldap://serverA
(And server C is pretty much configured like server B)
Do B & C have to know about each other explicitly or can they get to
each other's portion of the tree through A ? like so:
In server A (same as before):
database ldap
suffix ou=nyc,o=xyz
subordinate
uri ldap://serverB
database ldap
suffix ou=dca,o=xyz
subordinate
uri ldap://serverC
database bdb
suffix o=xyz
In server B (no direct knowledge of C):
database bdb
suffix ou=nyc,o=xyz
subordinate
database ldap
suffix o=xyz
uri ldap://serverA
Thanks for your help,
Tom
--
Tom Riddle
HighStreet Networks
www.highstreetnetworks.com