Hallvard B Furuseth wrote: [...] > No, "nil" is not an LDAP term Thats why I put it in quotes - I didn't have a better term to say "the DN cannot be found on the current server and the Client has no clue where to look for it". > Put the DNs of the entries in question in the seeAlso attribute, just > as you would do if the entries they point at were stored in server A. > > Then set up server A so that attempts to look up an entry under > ou=X,o=Y,c=Z will return a referral to server B to the client, or will > cause server A to contact server B and return the results to the client. Ok, so I wasn't on the wrong way. > The simplest way is to put > referral ldap://server B/ > in slapd.conf, so that attempts to look up _any_ entry outside > dc=tu-clausthal,dc=de in server A will return a referral to server B. Hmm, I might have to refer to some other LDAP server in the future, so this is a bit too simple. Too bad that there isn't a "refer-to"-backend that just refers someone querying it's suffix to a different server. Since I just want "referential integrity", i.e. the Server to know _something_ (even just a Referral) about a DN below "ou=X,o=Y,c=Z", I don't need the server to chase the referral. So I could add a second bdb (or even ldif!?) backend as Readonly etc, that just contains a referral entry for "ou=X,o=Y,c=Z"? bye Christian -- Christian Marg mail : mailto:marg@rz.tu-clausthal.de Rechenzentrum TU Clausthal web : http://www.tu-clausthal.de D-38678 Clausthal-Zellerfeld fon : 05323/72-2626 Germany jabber: ifcma@jabber.tu-clausthal.de
Attachment:
signature.asc
Description: OpenPGP digital signature