[Date Prev][Date Next] [Chronological] [Thread] [Top]

using cn=config to retrieve DIT records

To: "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Subject: using cn=config to retrieve DIT records
From: Igor Shmukler <igor.shmukler@gmail.com>
Date: Mon, 2 Mar 2015 10:34:50 +0200
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=Wn+xJhZ1o9Bh/VSA8tH51emArh5NKhuDK+HrhZkDeRU=; b=p6xxi+5VYZjEPIjF6i+tcl+WWrI+8sY6TDSbp44ePU6Eod+HDRrsWPkkgXW4qTPQck sqSlGIf2snJR3iPMYC9ZXkVstfat9G6mDR53fUzTCzjyisyJDHH1a5kjXuDape9N9CkN ABMQ4ymhEr/mKhas/B9ZNWm3UjCm2pLymR3cYF2FEmHfqeOTiQ51mrITXUVJIJzKK1Ln g6mmaNTbTMS9vcnMyIj9iKfncqO3yFYU5Iiexmz/5iDLiRxtrzksn4d9SK8emmAsEh23 UVeGgYUd8WtvS3DXjQdfqjd1VwF+/+AQDLy4py9RZIuN3CA06icaDjrZCEreAa6skLdr h9/g==

Hello,

I have a  multi-tenant [multiple DITs] LDAP directory setup.
One of things that I need to be able to do, is to retrieve records
from individual domain [DIT] -level databases using "superuser"
credentials.

I am able to do what I need using Unix sockets, as in:
$sudo ldapsearch -Y EXTERNAL -H ldapi:/// -b dc=example,dc=com

I want to use network credentials and network library to retrieve my
information. I am currently able to do this using DIT -level
credentials.

If I set salt the config password, is there something that would
fundamentally prevent the below from working?
$ldapsearch -D cn=config -h IPADRRESS -W -b dc=example,dc=com

Suggestions?

Sincerely,

Igor Shmukler

Follow-Ups:
- Re: using cn=config to retrieve DIT records
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: Centos yum repo for openldap 2.4.40
Next by Date: Re: using cn=config to retrieve DIT records
Index(es):
- Chronological
- Thread