[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#7768) Use of olcDbUri in LDAP/Chain configuration for ppolicy_forward_updates
- To: openldap-its@OpenLDAP.org
- Subject: (ITS#7768) Use of olcDbUri in LDAP/Chain configuration for ppolicy_forward_updates
- From: coudot@linagora.com
- Date: Mon, 16 Dec 2013 16:56:22 GMT
- Auto-submitted: auto-generated (OpenLDAP-ITS)
Full_Name: Clément OUDOT
Version: 2.4.38
OS: GNU/Linux
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (88.173.78.196)
I set up a slave configuration with ppolicy_forward_updates feature.
In my data backend config, I have:
olcUpdateRef: ldap://localhost:389
And I created the chain overlay and a sub ldap backend like this:
dn: olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config
objectClass: top
objectClass: olcConfig
objectClass: olcChainConfig
objectClass: olcOverlayConfig
olcOverlay: {0}chain
dn: olcDatabase={0}ldap,olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config
objectClass: olcLDAPConfig
objectClass: olcChainDatabase
olcDatabase: {0}ldap
olcDbIDAssertBind: bindmethod="simple" binddn="cn=admin,dc=example,dc=com"
credentials="secret" mode="none"
This configuration do not work: the BIND on the master server is done
anonymously, despite the olcDbIDAssertBind value.
To work, I need to add:
olcDbUri: ldap://localhost:389
Seems the problem exist in OpenLDAP unit test 32, see
tests/data/slapd-chain1.conf :
# uses the chain overlay as global;
# no chain-URI is configured, so the URI is parsed out of the referral
overlay chain
chain-uri @URI2@
chain-idassert-bind bindmethod=simple
binddn="cn=Manager,dc=example,dc=com"
credentials=secret
mode=self
flags=non-prescriptive
The comment say "no chain-URI is configured', but the chain-uri is configured.
Where is the truth?