[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: backend-meta usage



Try something more like:

database        meta
suffix          "ou=people,o=company,c=US"
subordinate

database        bdb
suffix          "o=company,c=US"

see if that does what you want...

On Mon, 22 Jan 2007, Stephen Agar wrote:

I have an LDAP server with a base "o=company, c=us".  There is another
server which controls "ou=people,o=company,c=us",  so in slapd.conf i have
the following:

database        bdb
suffix          "o=company,c=US"
rootdn          "cn=Manager,o=company,c=US"
rootpw          *******
directory       /usr/var/openldap-data
# Indices to maintain
index   objectClass     eq
index   ou,cn,uid       eq,pres,sub

#meta test
database        meta
suffix          "ou=people,o=company,c=US"
uri             "ldap://directory.company.com/ou=People,o=company,c=US";


When I try to start slapd, I get: /etc/openldap/slapd.conf: line 84: <suffix> namingContext "o=company,c=US" already served by a preceding bdb database serving namingContext "o=company,c=US". Am I misusing meta? Can I not proxy binds/lookups to specific OUs to a secondary LDAP? I understand what the message is saying, but don't think I understand the proper use of meta.

For example, I have an ou=groups that contains "groupofnames" and the
members of those groups are like "uid=123456,ou=people,o=company,c=us". So I
want ou = groups owned on my server, then the when specific members try to
bind, they are proxied to this external LDAP server that serves
ou=people,o=company,c=us and contains their uids and passwords.  Am I going
about this the wrong way? Is there a way to accomplish what im trying to do?


Thanks in advance... --stephen