[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ldap proxy resolution by rewriting in meta-backend
yamina wrote:
Hello,
I want to use the "LDAP Proxy resolution" mode related in the
"slapd-meta" man but I don't manage to make it works.
I wonder if it is implemented yet because I saw a message dated Fri, 16
Jan 2004 17:09:10 +0100 in which the same problem is not solved.
That man page is a copy and paste from a white paper. That feature is a
TODO and should be removed from the man page.
You might be able to obtain something like that by using a proxy that
statically maps a given subtree to a given server. Something like
database relay
suffix "dc=virtual"
overlay rwm
...
rwm rules that rewrite the base DN of a search based on the contents of
the filter (not a trivial rule, though) to a temporary DN like
(uid=*-b) -> $BASEDN,dc=server1
(uid=*-c) -> $BASEDN,dc=server2
...
Then add
database ldap
suffix "dc=server1"
overlay rwm
rwm-rewriteEngine on
rwm-rewiteContext searchDN
rwm-rewriteRule "^(.+),dc=server1$" "$1" "@:"
rwm-rewiteContext default
database ldap
suffix "dc=server2"
overlay rwm
rwm-rewriteEngine on
rwm-rewiteContext searchDN
rwm-rewriteRule "^(.+),dc=server2$" "$1" "@:"
rwm-rewiteContext default
...
and so on. The whole thing may need quite a bit of shakedown, and is
going to be far from efficient, though.
p.