[Date Prev][Date Next] [Chronological] [Thread] [Top]

bind and search using different backends?

To: openldap-software@OpenLDAP.org
Subject: bind and search using different backends?
From: Emmanuel Dreyfus <manu@netbsd.org>
Date: Fri, 16 Dec 2005 18:41:22 +0000
Content-disposition: inline
User-agent: Mutt/1.4.2.1i

Hello

I'd like to use two backends for the same suffix, and have one querried for
bind/unbind and the other for other operations such as search. Is it posible?

The goal is to provide the directory from a bdb backend and the authentication
through a shell backend. I tried this in my config file:

database        shell
subordinate
suffix          "dc=example,dc=net"
bind    	/usr/local/sbin/foo
unbind  	/usr/local/sbin/foo

database        bdb
suffix          "dc=example,dc=net"
directory       /var/openldap/openldap-data
index   objectClass     eq

But slapd does not want to start because the two databases serve the same
namecontext. Did I misunderstood how the subordinate statement works? Am I
trying to do something that cannot be done?

If it cannot be done that way, I'm looking for other ideas. 

1) Have the shell backend implementing searches by querrying another 
database. It seems I could even query the same LDAP server if I rewrite
the suffix. That does not sounds very exciting but it seems to be a 
possible way.

2) write an overlay. This seems the hard way, but as I understood, I can 
hook my custom code for bind/unbind operations. There does not seem to be
many documentation available on the API, is there?

-- 
Emmanuel Dreyfus
manu@netbsd.org

Follow-Ups:
- Re: bind and search using different backends?
  - From: Pierangelo Masarati <ando@sys-net.it>

Prev by Date: Re: RDN with UUID syntax?
Next by Date: Re: bind and search using different backends?
Index(es):
- Chronological
- Thread