[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: glue ehancement?



Aaron Richton wrote:
Maybe I'm understanding the requirements incorrectly, but what's wrong
with http://www.openldap.org/lists/openldap-software/200802/msg00136.html?

That was of course my original suggestion in the ITS. It works for most situations because we patched nss_ldap to work with multiple service search descriptors. However the automounter he's using talks to LDAP directly, it doesn't go thru the name service switch, and it isn't smart enough to handle multiple SSDs. Thus the problem.


I agree with Dieter that I don't see how the referenced ITS applies.

For one project, I used:

database hdb
subordinate
suffix "ou=Local Users,dc=rutgers,dc=edu"

database ldap
suffix "dc=rutgers,dc=edu"

in production for a couple years. It didn't work until 2.3.27 or so, when
enhancements to back-ldap/meta made it possible. "Local Users" is
politically guaranteed to be disjoint in this case. IIRC duplicates will
indeed show up twice, with the local entry first.

I also recall the glue syntax changes of the 2.3.3-era. There were
concerns over the amount of rope available there; make sure to keep those
discussions in mind...


--
  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP     http://www.openldap.org/project/