RE: Server to Server question
No way in OpenLDAP 2.0. Yes in 2.1. The 2.1alpha release has been out for a
while, and 2.1beta is due out very soon.
The documentation for the new feature hasn't been written yet, but here is
an example of how to configure 2.1; the feature you want requires either
back-ldap or back-meta to be enabled in addition to the default database
types. On serverB there is nothing different to do. On serverA you would
configure a subordinate backend instead of configuring a referral:
uri ldap://[serverB IPv6 address]/
[regular configuration info for "dc=a" database...]
The above config for serverA will allow anonymous searches to behave
correctly. Also, all searches by users under dc=a1,dc=a should work fine.
But a user bound as cn=user,dc=a would not be able to bind to the dc=a1,dc=a
server, so that would fail.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
Symas: Premier OpenSource Development and Support
> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Alberto
> I've installed an OpenLDAP v2 (IPv6 enabled) and I've configured a
> "referral". So:
> My server (serverA) is managing "dc=a"
> Another OpenLDAPv2 server (serverB) is managing "dc=a1,dc=a"
> So, in serverA, I've configured "refldap://[serverB IPv6
> When I make a search on serverA (with ldapsearch) it answers me with
> the referral. Is there any way for serverA to ask serverB
> directly? Like a "recursive search" in DNS...
> Thank you in advance and excuse me for my poor English...
> Best Regards,