[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: changing the base dn

To: <openldap-software@openldap.org>
Subject: RE: changing the base dn
From: "Douglas B. Jones" <douglas@gpc.edu>
Date: Wed, 18 Oct 2006 14:14:40 -0400
In-reply-to: <200610181307.47437.bgmilne@staff.telkomsa.net>
Organization: Georgia Perimeter College
Thread-index: AcbywF3rvPktbcdMQXuOB7+J+sfC1AAHn8ag

Hi everyone - thanks for the great replies!!!!

To try to clarify, I currently have a netscape server on port 389.
I now have a openldap 2.3.27 set up with all the data port 900. I
The ns is set up as o=x,c=us. The openldap is set up as dc=group1,dc=x,dc=y.
If I do a ldapsearch on port 900 with a base of o=x,c=us, I want
it to return the result with a base of dc=group1,dc=x,dc=y.

database	relay
suffix	"o=x,c=us"
relay		"dc=group1,dc=x,dc=y"

database	bdb
suffix	"dc=group1,dc=x,dc=y"
...

and when I try to start up the openldap, I get:

'cannot find database of relay "dc=group1,dc=x,dc=y" in "relay <db>
[message]".

Another way of looking at what I want to do is:

1) if the outlook base dn is o=x,c=us, I want this to work on the
server with dc=group1,dc=x,dc=y. Right now, a lot of our users have
the base dn and we want to make the migration easier for them.

2) if I do:

ldapsearch -h host1 -p 389 -b o=x,c=us uid=userx cn

on the ns port, I would get back the expect results - the ns
server has that base dn.

ldapsearch -h host2 -p 900 -b o=x,c=us uid=userx cn

will fail, for host to has the base of dc=group1,dc=x,dc=y. If
I do:

ldapsearch -h host2 -p 900 uid=userx cn

then it returns what I expect, for dc=group1,dc=x,dc=y is the
default base dn.

I hope this all makes sense. Thanks for any help!

-----Original Message-----
From: openldap-software-bounces+douglas=gpc.edu@openldap.org
[mailto:openldap-software-bounces+douglas=gpc.edu@openldap.org] On Behalf Of
Buchan Milne
Sent: Wednesday, October 18, 2006 7:08 AM
To: openldap-software@openldap.org
Cc: Douglas B. Jones
Subject: Re: changing the base dn

On Tuesday 17 October 2006 17:40, Douglas B. Jones wrote:
> If I have an old base dn of uid=jdoe,o=x,c=us and I want
> to redirect all such client queries to uid=jdoes,dc=group1,dc=x,dc=y;
> what is the best way to do this? The old base is on an old netscape
> server and the new one is on openldap 2.3.27. Thanks!

Assuming you have migrated all of the content from o=x,c=us on the old 
Netscape server to live under dc=group1,dc=x,dc=y on the OpenLDAP server, 
which you would like to have visible to clients searching the new server 
under o=x,c=us, you should consider using back-relay as the backend for 
o=x,c=us.

See the man page for slapd-relay for details.

Regards,
Buchan

-- 
Buchan Milne
ISP Systems Specialist - Monitoring/Authentication Team Leader
B.Eng,RHCE(803004789010797),LPIC-2(LPI000074592)

References:
- Re: changing the base dn
  - From: Buchan Milne <bgmilne@staff.telkomsa.net>

Prev by Date: Re: load balancer with SSL
Next by Date: Re: load balancer with SSL
Index(es):
- Chronological
- Thread