[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Problem binding two naming contexts
On Tue, 2005-11-22 at 10:30 +0100, Jan-Piet Mens wrote:
> I'm using OpenLDAP 2.3.11 and I'd like to set up this server
> to serve a single base (naming doesn't really matter) which
> retrieves entries from a local BDB backend as well as a foreign
> LDAP backend.
>
> If I try do make the foreign back-ldap subordinate of my
> naming context, an ldapsearch retrieves the desired values, but
> only on the very first invocation after starting the local
> server; on subsequent invocations it doesn't return the entries
> previously found. I have
This is not working the way you intend it because of issues with the
design of slapo-rwm that does not interact smoothly with the glue (see
ITS#3971, it's on my todo list).
One alternative is to put slapo-rwm as a global overlay, so that
rewriting occurs __before__ gluing. An example is provided in test039,
which does exactly this.
>
> database ldap
> overlay rwm
> uri "ldap://ldap1.example.com/ ldap://ldap2.example.com/";
> rwm-suffixmassage "ou=People,dc=other,dc=com" "ou=People,dc=example,dc=com"
> suffix "ou=People,dc=other,dc=com"
> subordinate
> rwm-map attribute uid *
> rwm-map attribute cn *
> rwm-map attribute sn *
> rwm-map attribute givenname *
> rwm-map attribute mail *
> rwm-map attribute telephonenumber *
> rwm-map attribute usercertificate;binary *
> rwm-map attribute *
> rwm-map objectclass person *
> rwm-map objectclass inetorgperson *
> rwm-map objectclass *
> lastmod off
>
> database bdb
> suffix "dc=other,dc=com"
> rootdn "cn=Manager,dc=other,dc=com"
> ...
>
>
> Alternatively, I tried binding the two backends with back-meta as in
>
> database bdb
> suffix "dc=other,dc=com"
> ..
>
> database ldap
> overlay rwm
> uri "ldap://ldap1.example.com/ ldap://ldap2.example.com/";
> suffix "dc=example,dc=com"
>
> database meta
> suffix "dc=foo,dc=com"
> overlay rwm
>
> uri "ldap://localhost/dc=other,dc=com";
> default-target
> rwm-suffixmassage "dc=foo,dc=com" "dc=other,dc=com"
>
> uri "ldap://localhost/dc=example,dc=com";
> rwm-suffixmassage "dc=foo,dc=com" "dc=example,dc=com"
>
> hoping to find the content of both DSA under dc=foo,dc=com, but
> that doesn't work for me.
>
> What am I doing wrong? I'd like a single search base (o=anything)
> to find entries under both naming contexts.
You made that faaaaar too complicated, and you don't (yet) need the rwm
with back-meta: rwm capabilities are builtin; an example is provided in
test035, however you may try this:
<slapd.conf>
database bdb
suffix "dc=other,dc=com"
# ...
database meta
suffix "dc=foo,dc=com"
# remote, with builtin rewrite
uri "ldap://localhost/ou=People,dc=foo,dc=com";
suffixmassage "ou=People,dc=foo,dc=com" "ou=People,dc=example,dc=com"
map attribute ...
map objectClass ...
# local, with builtin rewrite
uri "ldap://localhost/dc=foo,dc=com";
suffixmassage "dc=foo,dc=com" "dc=example,dc=com"
</slapd.conf>
Anyway, I suggest using back-ldap with global rwm. All of this will be
simplified, some time.
p.
Ing. Pierangelo Masarati
Responsabile Open Solution
SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office: +39.02.23998309
Mobile: +39.333.4963172
Email: pierangelo.masarati@sys-net.it
------------------------------------------