[Date Prev][Date Next] [Chronological] [Thread] [Top]

Referrals and Chasing Them


I'm working on a project where we want to use LDAP-directory to store
different kinds of information about an enterprise size organization. We
also want to use several LDAP-servers possibly one for each department or
so. These servers should refer to each other to make the tree whole. I did
manage to create a referral to a different LDAP-tree on a different
machine and to make the library chase the referrals for me. But still I
have some questions conserning this arrangement. Consider the following

# ServerA
dn: o=CS, c=FI
objectClass: top
objectClass: organization

dn: ou=FirstFloor, o=CS,c=FI
objectClass: top
objectClass: organizationalUnit
ou: FirstFloor

# ServerB
dn: ou=RestOfWorld,o=CS,c=FI
objectClass: top
objectClass: organizationalUnit
ou: RestOfWorld

dn: ou=Home,ou=RestOfWorld,o=CS,c=FI
objectClass: top
objectClass: organizationalUnit
ou: Home

Now when searching with ldapsearch with -C flag I get the whole tree as I
want it and this also works fine with API calls from my C program. But I
would like to know what makes this referral work? Is it the library or the
server? And how does binding work? Does it use the same name and password?
And if I use the rootdn, must the rootdn be the same in the serverB?

I can also make a search with base set to
"ou=Home,ou=Home,ou=Home,ou=Home,ou=RestOfWorld,o=CS,c=FI". Why is this? A
bug? The same doesn't occur when performing a search directly to the

Thank you very much.

	Joona Hartman,
	Telecommunications Lab.,
	Tampere Univ. of Tech.,