[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Multiple Search Paths

To: Howard Chu <hyc@highlandsun.com>
Subject: Re: Multiple Search Paths
From: "Tibbetts, Ric" <ric.tibbetts@ngc.com>
Date: Thu, 02 Oct 2003 14:49:58 -0400
Cc: openldap-software@OpenLDAP.org
In-reply-to: <009601c3890f$a9325a30$1801a8c0@CELLO>
References: <009601c3890f$a9325a30$1801a8c0@CELLO>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20030225

Thanks Howard; However, one of my prime requirements is that all setups must work with standard installations. No client customizations (ie: additional software) allowed. This envirnoment is such that we do not have that kind of control over all the clients. So I have to work to the lowest possible denominator.

And it DOES work on the Solaris client, attached to the OpenLDAP server. So I know OpenLDAP is capable of serving it up. I thought it was a trivial thing. It's neraly something that I'd consider a basic feature, and I was just missing the syntax (not much documentation on the ldap client setup around).

Howard Chu wrote:

This is a feature that Symas added to PADL's pam_ldap and nss_ldap several
months ago. If you're using a RedHat bundled version, you need to upgrade to
PADL's current versions before you can take advantage of this feature as
RedHat (and most Linux distros) bundles very old releases of this software.
You also should be asking this on a pam or nss mailing list; please direct
followups there.

 -- Howard Chu
 Chief Architect, Symas Corp.       Director, Highland Sun
 http://www.symas.com               http://highlandsun.com/hyc
 Symas: Premier OpenSource Development and Support

-----Original Message----- From: owner-openldap-software@OpenLDAP.org [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Tibbetts, Ric

All;
This is probably a quick & simple one.
I need to set up multiple search paths for user accounts.
I have several departments in my DIT that could contain
department only
accounts, as well as a general user base. So for any given
user (within
a domain), I need to do two searches (for login authentication).

My main user base is in (for example):

	ou=People,dc=ldap-test,dc=com

With department specific accounts in:

	ou=People,dc=eng,dc=mlb,dc=ldap-test,dc=com

The same condition exists with the groups, etc..

I can't seem to see both of them for login authentication from the
client. In my client (Redhat 9) ldap.conf, I have:

# The distinguished name of the search base.
base dc=eng,dc=mlb,dc=ldap-test,dc=com

(and)

nss_base_passwd         ou=People,dc=ldap-test,dc=com

On Solaris, I can specify more than one search path. How do
you do that
with Linux?

Thank you!

-Ric

References:
- RE: Multiple Search Paths
  - From: "Howard Chu" <hyc@highlandsun.com>

Prev by Date: RE: Multiple Search Paths
Next by Date: searching over multiple DNs
Index(es):
- Chronological
- Thread