Full_Name: Sandeep Singh
Version: openldap-2.4.35
OS: CentOS Linux release 6.0
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (202.137.232.113)


Hello,

 

We have configured an openldap server with mysql as the backend. It is working
fine as well.

 

We have a scenario where we feel it is not behaving the way it is required. 

 

We have multiple domains say:-

1)       abc.com

2)       xyz.com

 

Have mapped user as:-

1)       mail=man1@red.com,dc=abc,dc=com with password=man1r

2)       mail=man2@red.com,dc=abc,dc=com with password=man2r

3)       mail=man1@sad.com,dc=xyz,dc=com with password=man1s

4)       mail=man2@sad.com,dc=xyz,dc=com with password=man2s

 

 

When we search for result using:-

 

ldapsearch -x -D "mail=man1@red.com,dc=abc,dc=com" -W -b "dc=abc,dc=com"

 

It gives us output / result shown is of domains abc.com i.e.
�mail=man1@red.com,dc=abc,dc=com & mail=man1@red.com,dc=abc,dc=com� � Which is
correct

 

 

But when we search for results using:-

 

ldapsearch -x -D "mail=man1@red.com,dc=abc,dc=com" -W -b "dc=xyz,dc=com"

 

Then the output / result shown is of domain xyz.com i.e. 
�mail=man1@sad.com,dc=xyz,dc=com & mail=man2@sad.com,dc=xyz,dc=com� because the
base search is �dc=xyz,dc=com� � Which is not correct as
mail=man1@red.com,dc=abc,dc=com does not belong to xyz.com domain

 

So we want to authenticate and  display user along with the list of other users
from the same domain and not from the other domain.

 

Please suggest how to overcome / solve the issue.