[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: back-sql mysql and multiple DITs
Thank you very much,
Using "" as the second suffix worked.
Is there a solution that will work for additional DITs too, for example if I wanted 6 of them ?
I saw that when I set the suffix = "" for two DITs, slapd complained that...
<suffix> namingContext "" already served by a preceding sql database serving namingContext ""
Thanks again for such a fast and accurate response
Alan
-----Original Message-----
From: openldap-technical-bounces@OpenLDAP.org [mailto:openldap-technical-bounces@OpenLDAP.org] On Behalf Of Dieter KlÃnter
Sent: Sunday, March 02, 2014 12:32 AM
To: openldap-technical@openldap.org
Subject: Re: back-sql mysql and multiple DITs
Am Sun, 2 Mar 2014 05:55:30 +0000
schrieb "Robson, Alan" <alan.robson@viasat.com>:
> Hi,
>
> I have tried to set up a single instance of slapd serving information
> from two DITs that have been defined in separate mysql databases. I
> can comment out the database entries for either DIT, and everything
> works for the other DIT. But it won't support the two DITs
> simultaneously (it seems random which DIT will return results and
> which returns "no such object" when I restart slapd with both DITs
> configured). All the odbc stuff for both backends seems fine, isql
> runs and of course either database can be accessed through ldapsearch
> if it is the only one slapd serves.
>
> I can even run two instances of slapd, one with each DIT and
> successfully query them separately with ldapsearch, but I'd prefer one
> instance with the two DITs if possible. Could you please help me get
> this running, or is it just the law that only one sql backend can be
> used per server ?
>
> Many thanks
>
> Alan
>
> Slaptest says (when both DITs are defined in one slapd.conf)...
>
> WARNING: No dynamic config support for database sql.
> WARNING: No dynamic config support for database sql.
> config file testing succeeded
>
> slapd.conf (with both backends/DITs) is:
>
> # $OpenLDAP$
> #
> # See slapd.conf(5) for details on configuration options.
> # This file should NOT be world readable.
> #
> loglevel 64
>
> moduleload /usr/lib64/openldap/back_sql.la
> include /etc/openldap/schema/core.schema
> include /etc/openldap/schema/cosine.schema
> include /etc/openldap/schema/inetorgperson.schema
> include /etc/openldap/schema/farm.schema
>
> # Define global ACLs to disable default read access.
> # Do not enable referrals until AFTER you have a working directory #
> service AND an understanding of referrals.
> #referral ldap://root.openldap.org
>
> #pidfile /usr/local/var/slapd.pid
> #pidfile /var/run/openldap/slapd.pid
> #argsfile /usr/local/var/slapd.args
>
> ######################################################################
> #
> # sql database definitions
> ######################################################################
> #
>
> database sql
> suffix "dc=server,dc=farm"
> rootdn "cn=root,dc=server,dc=farm"
> rootpw ***********
> dbname openldap
> dbuser openldap
> dbpasswd ***************
> subtree_cond "ldap_entries.dn LIKE CONCAT('%',?)"
> insentry_stmt "INSERT INTO ldap_entries
> (dn,oc_map_id,parent,keyval) VALUES (?,?,?,?)"
> has_ldapinfo_dn_ru no
>
> database sql
> suffix "dc=lab,dc=farm"
> rootdn "cn=root,dc=lab,dc=farm"
> rootpw **********
> dbname lab
> dbuser ldap
> dbpasswd ********
> subtree_cond "ldap_entries.dn LIKE CONCAT('%',?)"
> insentry_stmt "INSERT INTO ldap_entries
> (dn,oc_map_id,parent,keyval) VALUES (?,?,?,?)"
> has_ldapinfo_dn_ru no
There are some solutions
1. define NULL values for suffix, that is suffix ""
2. attach 1 sql database to a subordinate relay database with
additional rwm modul and a suffixmassage rule.
-Dieter
--
Dieter KlÃnter | Systemberatung
https://urldefense.proofpoint.com/v1/url?u=http://sys4.de/&k=OWT%2FB14AE7ysJN06F7d2nQ%3D%3D%0A&r=OzuJgNYWNrY%2F3yqABVDsLpgwbUfST3hTZUuwDEyrkFA%3D%0A&m=OZNhaL9fGGK3VCDH1w0LG1wnv9Ch5iSTL%2B2sBwEUYbE%3D%0A&s=6dcb7e32b3d092ed1f448c2e2bd728ed304e06be6a237262e4b21ada7a849c65
GPG Key ID: E9ED159B
53Â37'09,95"N
10Â08'02,42"E