[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Problem with chain overlay

To: openldap-technical@openldap.org
Subject: Re: Problem with chain overlay
From: "Dieter Kluenter" <dieter@dkluenter.de>
Date: Tue, 02 Feb 2010 19:27:11 +0100
In-reply-to: <55270.192.168.1.187.1265127062.squirrel@192.168.1.1> (Klaus Nagel's message of "Tue, 2 Feb 2010 17:11:02 +0100 (CET)")
References: <55270.192.168.1.187.1265127062.squirrel@192.168.1.1>
User-agent: Gnus/5.1008 (Gnus v5.10.8) XEmacs/21.5-b28 (linux)

"Klaus Nagel" <m_a_i_l@web.de> writes:

> Hello, I have a little problem with the chain overlay and hope, someone
> can help me. I have a master and a slave server (both debian lenny with
> openldap 2.4.11) and a normal syncrepl replication between both, but I
> can't get the chain working.
>
> my slave slapd.conf entries:
>
> moduleload              back_ldap
> overlay                 chain
> chain-uri               "ldap://10.8.0.1:389/";
> chain-rebind-as-user    TRUE
> chain-idassert-bind     bindmethod=simple
>                         binddn="cn=admin,dc=test,dc=de"
>                         credentials=testpw
>                         mode=self
> chain-tls               start
> chain-return-error      TRUE

the global part of my slapd.conf

overlay chain
chain-uri ldap://ldap.avci.de
chain-idassert-bind
        bindmethod=simple
        binddn="cn=replicator,o=avci,c=de"
        credentials="xxx"
        mode=self
        flags=non-prescriptive
        starttls=yes
        tls_cacert=/opt/openldap/etc/openldap/certs/avciCA.pem
        tls_reqcert=demand
chain-return-error TRUE
chain-rebind-as-user TRUE
chain-tls start

-Dieter

-- 
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:8EF7B6C6
53°37'09,95"N
10°08'02,42"E

References:
- Problem with chain overlay
  - From: "Klaus Nagel" <m_a_i_l@web.de>

Prev by Date: Proxy Just Binds/Authentications from another LDAP?
Next by Date: Re: Problem with chain overlay
Index(es):
- Chronological
- Thread