[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: changing the base dn
Hi everyone - thanks for the great replies!!!!
To try to clarify, I currently have a netscape server on port 389.
I now have a openldap 2.3.27 set up with all the data port 900. I
The ns is set up as o=x,c=us. The openldap is set up as dc=group1,dc=x,dc=y.
If I do a ldapsearch on port 900 with a base of o=x,c=us, I want
it to return the result with a base of dc=group1,dc=x,dc=y.
database relay
suffix "o=x,c=us"
relay "dc=group1,dc=x,dc=y"
database bdb
suffix "dc=group1,dc=x,dc=y"
...
and when I try to start up the openldap, I get:
'cannot find database of relay "dc=group1,dc=x,dc=y" in "relay <db>
[message]".
Another way of looking at what I want to do is:
1) if the outlook base dn is o=x,c=us, I want this to work on the
server with dc=group1,dc=x,dc=y. Right now, a lot of our users have
the base dn and we want to make the migration easier for them.
2) if I do:
ldapsearch -h host1 -p 389 -b o=x,c=us uid=userx cn
on the ns port, I would get back the expect results - the ns
server has that base dn.
ldapsearch -h host2 -p 900 -b o=x,c=us uid=userx cn
will fail, for host to has the base of dc=group1,dc=x,dc=y. If
I do:
ldapsearch -h host2 -p 900 uid=userx cn
then it returns what I expect, for dc=group1,dc=x,dc=y is the
default base dn.
I hope this all makes sense. Thanks for any help!
-----Original Message-----
From: openldap-software-bounces+douglas=gpc.edu@openldap.org
[mailto:openldap-software-bounces+douglas=gpc.edu@openldap.org] On Behalf Of
Buchan Milne
Sent: Wednesday, October 18, 2006 7:08 AM
To: openldap-software@openldap.org
Cc: Douglas B. Jones
Subject: Re: changing the base dn
On Tuesday 17 October 2006 17:40, Douglas B. Jones wrote:
> If I have an old base dn of uid=jdoe,o=x,c=us and I want
> to redirect all such client queries to uid=jdoes,dc=group1,dc=x,dc=y;
> what is the best way to do this? The old base is on an old netscape
> server and the new one is on openldap 2.3.27. Thanks!
Assuming you have migrated all of the content from o=x,c=us on the old
Netscape server to live under dc=group1,dc=x,dc=y on the OpenLDAP server,
which you would like to have visible to clients searching the new server
under o=x,c=us, you should consider using back-relay as the backend for
o=x,c=us.
See the man page for slapd-relay for details.
Regards,
Buchan
--
Buchan Milne
ISP Systems Specialist - Monitoring/Authentication Team Leader
B.Eng,RHCE(803004789010797),LPIC-2(LPI000074592)