[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: translucent overlay and local objects?



Hi David

On Tue, Apr 10, 2012 at 5:33 PM, David Arroyo <david.a.arroyo@gmail.com> wrote:
> Hi Eugene,
>
> All changes you make to a translucent proxy will be written to the
> local database. They are not written upstream. I think you will want
> to mess with the chain overlay to produce an affect like that.

This would explain the behavior that objects already exist :)  Thank you.

> I have been able to achieve what you are proposing by creating a
> subordinate database for my entirely new objects. The translucent
> proxy serves and modifies objects at dc=example,dc=org, and the
> subordinate database lives at ou=ext,dc=example,dc=org.

Is it possible you could share with me a skeleton of your
configuration? I am on RHEL5, slapd 2.3.43, hence I'm still working
with slapd.conf.  (Learning the 2.4 dynamic configuration style is on
my to do list...I think I will want the memberof attribute overlay)

I implemented desired functionality minus translucency by having the
following database clauses -- (I can create entities within the
ou=groups and searches against the ou=Users are results from remote
LDAP.

----
database        bdb
suffix "dc=dept,dc=example,dc=org"

database meta
suffix  "dc=example,dc=org"

uri     "ldap://remoteldap.example.org/ou=people,dc=example,dc=org";
uri     "ldap://localhost/ou=groups,dc=dept,dc=example,dc=";