[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Multiple Search Paths

To: "Tibbetts, Ric" <ric.tibbetts@ngc.com>
Subject: Re: Multiple Search Paths
From: Andreas <andreas@conectiva.com.br>
Date: Thu, 2 Oct 2003 10:44:25 -0300
Cc: openldap-software@OpenLDAP.org
Content-disposition: inline
In-reply-to: <3F7C2203.8030506@ngc.com>
References: <3F7C2203.8030506@ngc.com>
User-agent: Mutt/1.5.4i

On Thu, Oct 02, 2003 at 09:02:59AM -0400, Tibbetts, Ric wrote:
> This is probably a quick & simple one.

Not exactly :)

> I need to set up multiple search paths for user accounts.
> I have several departments in my DIT that could contain department only 
> accounts, as well as a general user base. So for any given user (within 
> a domain), I need to do two searches (for login authentication).

I had to do the same thing.

> My main user base is in (for example):
> 
> 	ou=People,dc=ldap-test,dc=com
> 
> With department specific accounts in:
> 
> 	ou=People,dc=eng,dc=mlb,dc=ldap-test,dc=com
> 
> The same condition exists with the groups, etc..
> 
> I can't seem to see both of them for login authentication from the 
> client. In my client (Redhat 9) ldap.conf, I have:
> 
> # The distinguished name of the search base.
> base dc=eng,dc=mlb,dc=ldap-test,dc=com

Hmm, seems easy enough. Just point the search base to dc=ldap-test,dc=com.
The client will search the whole tree, however, so this might be an expensive
operation depending on your directory layout.

> On Solaris, I can specify more than one search path. How do you do that 
> with Linux?

My scenario was a bit more complicated, search the archives for the past
week or so for my post with some ascii-art describing my layout and what
I did to solve this for my case.

References:
- Multiple Search Paths
  - From: "Tibbetts, Ric" <ric.tibbetts@ngc.com>

Prev by Date: Multiple Search Paths
Next by Date: Re: Pb to restart Openldap
Index(es):
- Chronological
- Thread