Re: dynlist overlay searching in a different server

[Howard Chu <hyc@symas.com>]

Angel L. Mateo wrote:
> Hello,
>
> 	I have two different LDAP servers containing different information
> about my users. In one of them, I'm trying to configure dynlist overlay
> to dinamically add attributes for users, so I have configured dynlist.
> I'm using the labeledURI attribute with a value like this:
>
> labeledURI:
> ldap://<the_other_server>:389/dc=usuarios,dc=mydomain,dc=com?irisClassifCode,sn1,givenName?one?(irisPersonalUniqueID=<userID>)
>
> 	Whenever I look for a user I get the error:
>
> Jan 10 13:07:07 canis12 slapd[12689]: dynlist_prepare_entry("<userDN>"):
> illegal URI
> "ldap://<the_other_server>:389/dc=usuarios,dc=mydomain,dc=com?irisClassifCode,sn1,givenName?one?(irisPersonalUniqueID=<userID>)"
>
> 	If I remove the server part of the URI, like:
>
> labeledURI:
> ldap:///dc=usuarios,dc=mydomain,dc=com?irisClassifCode,sn1,givenName?one?(irisPersonalUniqueID=<userID>)
>
> 	but, obviously, I'm not getting the additional attributes (because this
> LDAP directory doesn't have them).
>
> 	What am I doing wrong? Could I use a LDAP URI directed to another LDAP
> server?
Read the slapo-dynlist(5) manpage. It says quite clearly:

	      The optional URI restricts expansion only  to  entries  matching
              the DN, the scope and the filter portions of the URI.

Nothing else in the URI is valid.

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/