[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ldap backend + ldapi (fwd)
Daniel Henninger <daniel@unity.ncsu.edu> writes:
> Would you mind showing me the part of your config that is for the ldap
> backend? (XXXX'd out passwords if there are any, of course)
>
> Daniel
>
>>> Frankly, I'm at present using back-ldap with proxycache over ldapi for
>>> postfix authentication and mailrouting, the uptime is now 38 days.I
>>> must admit that it is an elder HEAD version. But even with 2.1.13
>>> back-meta with a few rewriting rules was rock stable, but without
>>> proxycache at that time. While back-ldap has about 4 search requests
>>> per minute, the server (2.2.14) answers more than 40 search requests per
>>> minute, as it primarily supports pam and an addressbook.
>>
>> ;) That's all fine and good, but that's not helping it work for
>> me. hehehe I don't understand why it's failing or anything. I may
>> have to turn on super logging and hope it doesn't run me out of disk
>> space. ;)
>>
>> Do you use back-ldap or back-meta? Why would be the benefit of
>> back-meta instead? From the docs, it seems like all it does is call
>> back-ldap. Do you actually use back-ldap or back-meta in your
>> config?
I use back-ldap at present.The benefit of back-meta ist, that you can
send requests to multiple servers, see man slapd-ldap(5) and
slapd-meta(5). Here is my slapd.conf
# ldap backend
#######################################
database ldap
lastmod off
rewriteEngine on
suffix "dc=ORANGE,dc=DE"
suffixmassage "dc=ORANGE,dc=DE" "o=avci,c=de"
rootdn "xxxx"
rootpw xxxxx
binddn "xxxxx"
bindpw xxxxx
uri ldapi://%2fusr%2flocal%2fvar%2frun%2fldapi
overlay proxycache
proxycache hdb 50000 2 500 3600
proxyAttrset 0 cn sn
proxyAttrset 1 mail telephoneNumber
proxytemplate (|(sn=)(cn=)) 1 3600
directory /usr/local/openldap/var/db
access to dn.subtree=o=AVCI,c=DE by * read
cachesize 2000
index objectclass eq
index cn,sn,mail,uid,pres,eq,sub
-Dieter
--
Dieter Klünter | Systemberatung
Tel.: +49.40.64861967
Fax : +49.40.64891521
http://www.avci.de