META database root DN : no such object

To: "openldap-technical@openldap.org" <openldap-technical@openldap.org>

Subject: META database root DN : no such object

From: Bryce Powell <Bryce.Powell@telus.com>

Date: Thu, 20 Dec 2012 14:46:17 -0700

Accept-language: en-US

Acceptlanguage: en-US

Content-language: en-US

Domainkey-signature: s=orkaan.nssi; d=telus.com; c=nofws; q=dns; h=X-IronPort-Anti-Spam-Filtered: X-IronPort-Anti-Spam-Result:Received:Received:From:To: Date:Subject:Thread-Topic:Thread-Index:Message-ID: Accept-Language:Content-Language:X-MS-Has-Attach: X-MS-TNEF-Correlator:acceptlanguage:Content-Type: MIME-Version; b=mfglWB6c5kSZ4jREVnbQMJGAZ8qHiL36IDdCJJFmpO5tNuVXoS8Ba5+p +CfAWvXDfPSwu93xqj5OGhJP843cNqwynrzRMNOw9cGQdWhH0m20xegmh 0kw5+noJxIxTKKD5UC7ji0a3X3KZmwvyZhtJRKdll4G86QQpEeZy7GPTS g=;

Thread-index: Ac3e+2sqvqlje1UfQNaiEKUr3mENDQ==

Thread-topic: META database root DN : no such object

Hi,

I’ve configured a META database to proxy two LDAP directories. Each of those LDAP directories is in turn a proxy for an Active Directory. My intention was to use the meta directory as a single point for user authentication, however, the vendor application does not allow one to use the OpenLDAP meta directory. Their LDAP authentication setup wizard performs a verification of the specified baseDN, i.e. the root DN (suffix) of the meta database, and this does not exist. As per the slapd-meta man page:

“When a search with base "dc=foo,dc=com" is attempted, if the scope is "base" it fails with "no such object"; in fact, the common root of the two targets (prior to massaging) does not exist.”

The vendor won’t change their code to skip the verification, and recommended I use Microsoft’s ADAM instead of OpenLDAP. I would prefer to leverage OpenLDAP, so does anyone have any recommendations as to what I could do?

Thanks,

Bryce

Follow-Ups:

Re: META database root DN : no such object
- From: Aaron Richton <richton@nbcs.rutgers.edu>