Re: Rép. : Re: Question about 'Chain' openLdap directory
- To: Eudes LEDUCQ <LEDUCQ@hec.fr>
- Subject: Re: Rép. : Re: Question about 'Chain' openLdap directory
- From: Pierangelo Masarati <ando@sys-net.it>
- Date: Fri, 06 Jan 2006 16:02:12 +0100
- Cc: openldap-software@OpenLDAP.org
- In-reply-to: <s3be8891.041@MI151.HEC.FR>
- References: <s3be8891.041@MI151.HEC.FR>
On Fri, 2006-01-06 at 15:11 +0100, Eudes LEDUCQ wrote:
> Hi,
>
> there is no way to specify the user and login to use to follow a
> referral when I create a referral link ?
referral => the client has to take care of it.
OpenLDAP clients do not provide (by design) any means to specify those
values; since they're intended for simple, basic usage of LDAP
operations, providing the possibility to specify a new DN and a password
(for simple bind) or a new userid and credentials and anything else
required (for SASL bind) would be like using an ICBM to kill mosquitos.
Just cut'n'paste the referral URI in the -H option, replace the identity
related values and re-run the tool.
Of course, I can't speak for non-OpenLDAP tools.
p.
>
> thx
>
> >>> "Pierangelo Masarati" <ando@sys-net.it> 01/06 10:33 >>>
> > Hi,
> >
> > For my test I have created two openLdap with the same base structure
> >
> > Server one:
> > dc=XX,dc=YY
> > cn=Manager,dc=XX,dc=YY
> > o=service1
> >
> > Server two:
> > dc=XX,dc=YY
> > cn=Manager,dc=XX,dc=YY
> > o=service2
> >
> > but they do not contain the same data.
> >
> > I have created a referral link between server 1 or server 2. It works
> > fine.
> >
> > Now I have a third server like:
> > o=XX
> > ou=Admin,o=XX
> > cn=Manager,ou=Admin,o=XX
> >
> > So I'm not able to make a referral link between server1 and server 3
> >
> > so I want to chain the two directories.
> >
> > is it possible ?
>
> Yes.
>
> In the first and in the second one, before any database, add
>
> referral ldap://server3
>
> in the third, add
>
> referral ldap://server1
>
> or
>
> referral ldap://server2
>
> or even both:
>
> referral ldap://server1
> referral ldap://server2
>
> under the assumption your client can survive multiple referrals, and it
> can handle sequences of referrals (e.g. when searching server3 with the DN
> "o=service2,dc=XX,dc=YY", it will return a referral to server1, which, in
> turn, will return a referral to server2).
>
> However, if your client is configured to rebind with the same user to
> chase referrals, there is no common user in the three referrals. This
> makes sense, and I don't see an obvious way of solving this. It's your
> client that, upon receiving a referral, should determine if it knows any
> identity that can be used to chase it (based on the host name, the
> requestDN and so on) or, as a failover, prompt the user for one.
>
> Since your client is not distributed by OpenLDAP, and since I'm not
> familiar with it, I can't provide further help. OpenLDAP tools do not
> provide any of these features, as far as I know.
>
> p.
>
>
>
> Ing. Pierangelo Masarati
> Responsabile Open Solution
> OpenLDAP Core Team
>
> SysNet s.n.c.
> Via Dossi, 8 - 27100 Pavia - ITALIA
> http://www.sys-net.it
> ------------------------------------------
> Office: +39.02.23998309
> Mobile: +39.333.4963172
> Email: pierangelo.masarati@sys-net.it
> ------------------------------------------
>
>
Ing. Pierangelo Masarati
Responsabile Open Solution
OpenLDAP Core Team
SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office: +39.02.23998309
Mobile: +39.333.4963172
Email: pierangelo.masarati@sys-net.it
------------------------------------------
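
The client-side decision described in this thread (pick an identity for a referral from its host name and the request DN, otherwise fall back to prompting) can be sketched as follows. This is an added example, not code from the post or from OpenLDAP; the `IDENTITIES` table, `MAX_HOPS` and all function names are assumptions, and the host names and DNs are constructed from the three servers mentioned above.

```python
from urllib.parse import urlsplit, unquote

# Constructed table: referral host -> (naming context served there, bind DN to use).
# Names mirror the three servers in the thread; passwords would come from a
# secret store keyed by the same host and are left out here.
IDENTITIES = {
    "server1": ("dc=XX,dc=YY", "cn=Manager,dc=XX,dc=YY"),
    "server2": ("dc=XX,dc=YY", "cn=Manager,dc=XX,dc=YY"),
    "server3": ("o=XX", "cn=Manager,ou=Admin,o=XX"),
}
MAX_HOPS = 5  # assumed limit on how many referrals one request may follow


def norm_dn(dn):
    # Simplified normalisation: ignores escaped commas inside RDN values.
    return ",".join(part.strip().lower() for part in dn.split(",") if part.strip())


def parse_referral(uri, request_dn):
    """Return (scheme, host, target DN); a referral without a DN keeps the request DN."""
    parts = urlsplit(uri)
    if parts.scheme not in ("ldap", "ldaps") or not parts.hostname:
        raise ValueError("not an LDAP referral: %r" % uri)
    dn = unquote(parts.path.lstrip("/")) or request_dn
    return parts.scheme, parts.hostname.lower(), norm_dn(dn)


def select_identity(uri, request_dn):
    """Bind DN known for this referral, or None (caller prompts the user)."""
    _, host, dn = parse_referral(uri, request_dn)
    entry = IDENTITIES.get(host)
    if entry is None:
        return None  # unknown host: never replay the current credentials
    suffix = norm_dn(entry[0])
    if dn == suffix or dn.endswith("," + suffix):
        return entry[1]
    return None  # known host, but the DN is outside what it should serve


def plan_chase(referrals, request_dn):
    """Walk a sequence of referral URIs, stopping on a loop or too many hops."""
    seen, plan = set(), []
    for uri in referrals:
        _, host, _ = parse_referral(uri, request_dn)
        if host in seen or len(plan) >= MAX_HOPS:
            raise RuntimeError("referral loop or hop limit at %s" % host)
        seen.add(host)
        plan.append((host, select_identity(uri, request_dn)))
    return plan
```

Returning `None` for an unlisted host keeps the client from sending a Manager password to whatever server a referral names, and the loop check covers the case where the default `referral` lines on the three servers point back at each other for a DN none of them holds.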