Question about referrals

["Reinier Kleipool" <Reinier@Kleipool.org>]

Hello Everyone,

  I have a question about referrals.
I have configured two openldap servers:
* one for dc=overschie,dc=nl
* a second one for dc=team2,dc=overschie,dc=nl

In the first I have a referral to the second for subtree
dc=team2,dc=overschie,dc=nl

reinierk@titan:~> ldapsearch -M -LLL objectclass=referral
dn: dc=team2,dc=overschie,dc=nl
objectClass: extensibleObject
objectClass: referral

For some reason I do not see the value for the ref attribute... But the
referral works if you set the base to this container:

reinierk@titan:~> ldapsearch -LLL -b dc=team2,dc=overschie,dc=nl
givenname=christina cn
Referral (10)
Matched DN: dc=team2,dc=overschie,dc=nl
Referral: ldap://mail.overschie.nl/dc=team2,dc=overschie,dc=nl

And when chasing the referral:

reinierk@titan:~> ldapsearch -LLL -C -b dc=team2,dc=overschie,dc=nl
givenname=christina cn
dn: uid=christina,ou=people,dc=team2,dc=overschie,dc=nl
cn: Christina Aguilera

But why can't I find Christina when I set the searchbase to
dc=overschie,dc=nl scope sub. I would expect that you traverse the tree in
the first server, and when you hit the referral object you continue the
search on the second server.
This way you can search the whole distributed directory tree when you set
the searchbase to the top of my tree (dc=overschie,dc=nl). This is the way,
I suppose, you can set-up a distibuted tree for an organisation, and search
the whole organisation for Christina.

Is this the way it is supposed to work or am I missing a point here???
If so what is wrong with my set-up?


Vriendelijke groet / Kind Regards,
Reinier Kleipool,
Network Engineer,
Protocomix
Rotterdamserijweg 122
3042 AS Rotterdam
Tel 0654 227144
Fax 010 245 0902
Reinier@protocomix.nl