[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP Referrals

To: "Mack J. Jenkins, II" <mack.jenkins@gmail.com>
Subject: Re: OpenLDAP Referrals
From: Michael Ströder <michael@stroeder.com>
Date: Wed, 27 Feb 2008 01:12:37 +0100
Cc: openldap-software@openldap.org
In-reply-to: <D1E191B5-A529-4D68-A671-153A7006DAB7@gmail.com>
References: <C88795AF-B702-4AD7-BA1D-A182EFD2AADC@gmail.com> <hbf.20080222upss@bombur.uio.no> <fcbf6b50802251140w3e60cc08u9ef943df70d182fa@mail.gmail.com> <87zlto5737.fsf@magenta.l4b.de> <47C3F2DE.20409@symas.com> <D1E191B5-A529-4D68-A671-153A7006DAB7@gmail.com>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.11) Gecko/20071128 SeaMonkey/1.1.7

Mack J. Jenkins, II wrote:

So in my example, I am using Avential To authenticate against my OPENLdap server. If that account is not on the local OpenLDAP server, but on another OpenLDAP server, referrals will not pass along the request?


Please re-read the former response more carefully:

http://www.openldap.org/lists/openldap-software/200802/msg00348.html

Ando even mentioned the relevant man-pages.

I will have to look up X.500 DAP services and go that route?


Nope!

Just want to clarify before I abandon the referral route.


Referrals are a mess in most use-cases anyway.

Use back-ldap to pass the client's requests to the remote server and use "subordinate" directive in slapd.conf to glue it all together with your local database. Take care of separate names spaces (search bases and user IDs).

As usual OpenLDAP's FAQ-O-MATIC is a valuable source of information. These articles could give you an idea:

http://www.openldap.org/faq/data/cache/532.html

http://www.openldap.org/faq/data/cache/1299.html

And please read this stuff and try yourself!

Ciao, Michael.

--
Michael Ströder
E-Mail: michael@stroeder.com
http://www.stroeder.com

References:
- OpenLDAP Referrals
  - From: "Mack J. Jenkins, II" <mack.jenkins@gmail.com>
- Re: OpenLDAP Referrals
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
- Re: OpenLDAP Referrals
  - From: "Mack Jenkins" <mack.jenkins@gmail.com>
- Re: OpenLDAP Referrals
  - From: "Dieter Kluenter" <dieter@dkluenter.de>
- Re: OpenLDAP Referrals
  - From: Howard Chu <hyc@symas.com>
- Re: OpenLDAP Referrals
  - From: "Mack J. Jenkins, II" <mack.jenkins@gmail.com>

Prev by Date: Re: Strange TLS behaviour with slapd 2.3.30 on Debian Etch
Next by Date: Re: Strange TLS behaviour with slapd 2.3.30 on Debian Etch
Index(es):
- Chronological
- Thread