Re: Overlay chain formatting

[Gavin Henry <ghenry@OpenLDAP.org>]

Justin Lambert wrote:
> I have spent the last week off and on trying to figure out why my chain 
> overlay was not working correctly.  I tried all combinations of it that 
> I could find and finally found out that the parser of the slapd.conf 
> file is picky about spacing.  I was trying to make my config file look 
> nice by indenting the options under "overlay chain" only to find after 
> many frustrating hours that you cannot do that!  I didn't find anywhere 
> that that was explicitly documented (even though all of the examples 
> were not formatted that way).  I finally caught it when I upgraded to 
> 2.4.7 wondering if there was a bug and slaptest gave a very unhelpful 
> error, but it did help me narrow it down.  Hopefully this will save 
> someone my same frustrations.
>
>  
>
> Incorrect way:
>
> overlay                 chain
>
>                                 chain-uri                              
> "ldap://host";
>
>                                 chain-rebind-as-user      TRUE
>
>                                 chain-idassert-bind         
> bindmethod="simple" binddn="binduser" credentials="secret" mode="self"
>
>                                 chain-return-error           TRUE
>
>  
>
>  
>
> Correct way:
>
> overlay                                 chain
>
> chain-uri                              "ldap://host";
>
> chain-rebind-as-user      TRUE
>
> chain-idassert-bind         bindmethod="simple" binddn="binduser" 
> credentials="secret" mode="self"
>
> chain-return-error           TRUE
>
>  
>
>  
>
> Justin

This is also the example at:

http://www.openldap.org/doc/admin24/overlays.html#Chaining

--
Kind Regards,

Gavin Henry.
OpenLDAP Engineering Team.

E ghenry@OpenLDAP.org

Community developed LDAP software.

http://www.openldap.org/project/