
Re: Rép. : Re: Question about 'Chain' openLdap directory



On Fri, 2006-01-06 at 15:11 +0100, Eudes LEDUCQ wrote:
> Hi,
>  
> there is no way to specify the user and login to use to follow a
> referral when I create a referral link ?

referral => the client has to take care of it.

OpenLDAP clients do not provide (by design) any means to specify those
values; since they're intended for simple, basic usage of LDAP
operations, providing the possibility to specify a new DN and a password
(for simple bind) or a new userid and credentials and anything else
required (for SASL bind) would be like using an ICBM to kill mosquitos.

Just cut'n'paste the referral URI in the -H option, replace the identity
related values and re-run the tool.

Of course, I can't speak for non-OpenLDAP tools.

p.

>  
> thx
> 
> >>> "Pierangelo Masarati" <ando@sys-net.it> 01/06 10:33  >>>
> > Hi,
> >
> > For my test I have created two openLdap with the same base structure
> >
> > Server one:
> > dc=XX,dc=YY
> > cn=Manager,dc=XX,dc=YY
> > o=service1
> >
> > Server two:
> > dc=XX,dc=YY
> > cn=Manager,dc=XX,dc=YY
> > o=service2
> >
> > but they do not contain the same data.
> >
> > I have created a referral link between server 1 or server 2. It
> > works fine.
> >
> > Now I have a third server like:
> > o=XX
> > ou=Admin,o=XX
> > cn=Manager,ou=Admin,o=XX
> >
> > So I'm not able to make a referral link between server1 and server 3
> >
> > so I want to chain the two directories.
> >
> > is it possible ?
> 
> Yes.
> 
> In the first and in the second one, before any database, add
> 
> referral ldap://server3
> 
> in the third, add
> 
> referral ldap://server1
> 
> or
> 
> referral ldap://server2
> 
> or even both:
> 
> referral ldap://server1
> referral ldap://server2
> 
> under the assumption your client can survive multiple referrals, and it
> can handle sequences of referrals (e.g. when searching server3 with the DN
> "o=service2,dc=XX,dc=YY", it will return a referral to server1, which, in
> turn, will return a referral to server2).
> 
> However, if your client is configured to rebind with the same user to
> chase referrals, there is no common user in the three referrals.  This
> makes sense, and I don't see an obvious way of solving this.  It's your
> client that, upon receiving a referral, should determine if it knows any
> identity that can be used to chase it (based on the host name, the
> requestDN and so on) or, as a failover, prompt the user for one.
> 
> Since your client is not distributed by OpenLDAP, and since I'm not
> familiar with it, I can't provide further help.  OpenLDAP tools do not
> provide any of these features, as far as I know.
> 
> p.
> 
> 
> 
> Ing. Pierangelo Masarati
> Responsabile Open Solution
> OpenLDAP Core Team
> 
> SysNet s.n.c.
> Via Dossi, 8 - 27100 Pavia - ITALIA
> http://www.sys-net.it
> ------------------------------------------
> Office:   +39.02.23998309          
> Mobile:   +39.333.4963172
> Email:    pierangelo.masarati@sys-net.it
> ------------------------------------------
> 
> 
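
The manual step described in the reply (paste the referral URI into -H, swap the identity, re-run) can be scripted on the client side. The following is an added example, not code from the thread or from OpenLDAP: it parses a referral URI and builds the ldapsearch re-run with an identity chosen per host. The IDENTITIES table, the function names and the sample referral are assumptions made for illustration; the host names and DNs are the placeholders used in the thread.

```python
from urllib.parse import urlsplit, unquote

# Assumption: a per-host identity table kept by the client (names from the thread).
IDENTITIES = {
    "server1": "cn=Manager,dc=XX,dc=YY",
    "server2": "cn=Manager,dc=XX,dc=YY",
    "server3": "cn=Manager,ou=Admin,o=XX",
}

def parse_referral(uri):
    """Split an LDAP URL (RFC 4516) into server URI, base DN, scope and filter."""
    parts = urlsplit(uri)
    if parts.scheme not in ("ldap", "ldaps") or not parts.hostname:
        raise ValueError("not an LDAP referral URI: %r" % uri)
    server = "%s://%s" % (parts.scheme, parts.hostname)
    if parts.port:
        server += ":%d" % parts.port
    # After the DN come ?attributes?scope?filter; missing fields take the defaults.
    fields = (parts.query.split("?") + ["", "", ""])[:3]
    return {
        "host": parts.hostname,
        "server": server,
        "base": unquote(parts.path.lstrip("/")),
        "scope": fields[1] or "base",
        "filter": unquote(fields[2]) or "(objectClass=*)",
    }

def chase_command(uri, identities=IDENTITIES):
    """Build the ldapsearch re-run for one referral, with the identity for that host."""
    ref = parse_referral(uri)
    bind_dn = identities.get(ref["host"])
    if bind_dn is None:
        # Unknown server: do not reuse another server's DN and password there.
        raise LookupError("no identity configured for %s" % ref["host"])
    # -x simple bind, -W prompt for the password instead of passing it in argv.
    return ["ldapsearch", "-x", "-H", ref["server"], "-D", bind_dn, "-W",
            "-b", ref["base"], "-s", ref["scope"], ref["filter"]]

if __name__ == "__main__":
    # Constructed referral, as server1 might return it for a DN held by server2.
    print(" ".join(chase_command("ldap://server2/o=service2,dc=XX,dc=YY??sub")))
```

A referral to a host missing from the table raises LookupError, which is the point where a client would fall back to prompting the user for an identity.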