[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Replication with different base DN

To: hornicek@globtel.sk
Subject: Re: Replication with different base DN
From: Pierangelo Masarati <masarati@aero.polimi.it>
Date: Sat, 12 Jan 2002 09:48:12 +0100 (MET)
Cc: openldap-software@OpenLDAP.org
In-reply-to: <20020111163457.GC22359@globtel.sk> from Tomas Hornicek at Jan "11," 2002 "05:34:57" pm

> Hi
> 
> scenario:
> 
> i've got 2 ldap servers
> 
> 1. dc=blah,dc=sk
> 2. dc=anotherblah,dc=sk
> 
> I need to replicate subtree ou=cust,dc=blah,dc=sk to
> ou=cust,dc=anotherblah,dc=sk, is it possible?
> 
> I've tried to make an alias but i can't add it to ldap server i've
> received error no such object
> 
> alias ldif:
> dn: dc=anotherblah,dc=sk
> aliasedobjectname: ou=gsm,dc=blah,dc=sk
> objectclass: extensibleobject
> objectclass: alias
> dc: anotherblah
> 
> 
> any idea?

You may try a "too clever" solution :) by setting up a ldap backend 
on the slave that "massages" the DNs and calls itself on the 
regular database that handles the "dc=anotherblah,dc=sk" naming
context; to this purpose you need a "massaging" version of the 
server (the HEAD code); you may configure it as follows:

<slave slapd.conf>
database	ldap
suffix		"dc=blah,dc=sk"
suffixmassage	"dc=blah,dc=sk" "dc=anotherblah,dc=sk"
uri		"ldap://localhost/";
lastmod		off

database	ldbm
suffix		"dc=anotherblah,dc=sk"
# other stuff
</slave slapd.conf>

If you use the "troyan" ldap database only for replication 
you may want to allow access only to the updatedn:


<slave slapd.conf>
# right between the two database definitions
access to * 
	by dn="cn=replicator,dc=blah,dc=sk" write
	by * none
</slave slapd.conf>

Maybe someone may come out with a cleaner solution...

Pierangelo.

References:
- Replication with different base DN
  - From: Tomas Hornicek <hornicek@globtel.sk>

Prev by Date: Re: Issues I've had migrating from openldap-1 to openldap-2
Next by Date: RE: CRL
Index(es):
- Chronological
- Thread