[Date Prev][Date Next]
Re: searching multiple rootDNs
At 12:28 PM 9/22/00 +0200, Arvid Requate wrote:
>Some days ago I asked if it is possible to search a DIT having several
>root-nodes. Randy Kunkee pointed out that I made a typo in my example,
>so I refine my question:
>I think of having the login information of several domains in one LDAP server,
>each domain having its own root-DN in DC-style, like:
>I'm doing this on openLDAP 2.04 and it just returns the rootDSE when doing
>ldapsearch -x -b '' -s sub '(objectclass=*)'
With subtree scope, it shouldn't return the Root DSE...
>In some posting in the archives someone proposed a base-search with
>searchbase of "cn=config" to find out all rootDNs and then search each one
>seprarately, but this doesn't work.
"cn=config" is a 1.2'ism... OpenLDAP 2.0 provides the same functionality
via the root DSE.
ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts
>Do I need one common root to be able to do a global search ?
You create a create a namingContext which contains named
referral objects referring to the other namingContexts.
For example, add to the suffic "dc=example,dc=org":
Then a subtree search for "dc=example,dc=org" will return the
entry "dc=example,dc=org" plus 2 search continuations containing
the above referrals.
Doing this for "" instead of "dc=example,dc=org" doesn't
work as back-ldbm doesn't handling suffix "" well. (Note:
if back-ldbm did handle this, you actually won't add an
entry DSE named "").