[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Proxy Ldap Backend for Ipswich Imail

To: Jim Flowers <jflowers@ezo.net>
Subject: Re: Proxy Ldap Backend for Ipswich Imail
From: "Gerald (Jerry) Carter" <jerry@samba.org>
Date: Wed, 29 Oct 2003 16:14:11 -0600
Cc: openldap-software@OpenLDAP.org
In-reply-to: <20031029202452.M32291@ezo.net>
References: <20031029202452.M32291@ezo.net>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5) Gecko/20031016

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jim Flowers wrote:

| I can query the Imail servers OK but I can't seem to get
| the schema right for the central ldap server as it will not
| return any values.  Here is the result of a query to the Imail
| ldap server:
|
| -------------------snip
| mailg# ldapsearch -x -H ldap://mail.hisdomain.tld \
| -b "" "(uid=username)" mail
|
| dn: uid="username", DomainName="hisdomain.tld"
| cn:
| mail: username@hisdomain.tld
| -----------------------------snip
|
| I come up with a slapd.conf of:
|
| -----------------------------snip
| database        ldap
| suffix          ou=hisorg,dc=mydomain,dc=tld
| uri             ldap://mail.hisdomain.tld/
| suffixmassage   ou=hisorg,dc=mydomain,dc=tld
|                 ""
| map     attribute       uid             uid
| map     attribute       cn              cn
| map     attribute       mail            mail
| map     attribute       *
| map     objectclass     account         Person
| map     objectclass     *
| -----------------------------snip
|
| Can't use DomainName=hisdomain.tld in suffixmassage as there
| is no local equivalent.

What do you mean no local equivalent?  Do you mean there is no
DomainName attribute defined in the schema on the ldap proxy
server?

| Here is what happens:
| -----------------------------snip
| mailg# ldapsearch -x -b "" "(uid=username)" mail
|
| search: 2
| result: 32 No such object
| ----------------------------snip
|
| If there is an answer here, I haven't been able to
| stumble onto it.  Anyone who can point me in the right direction,
| I would appreciate it.

You're actually searching the rootDSE on the ldap
broxy server here which is not what you expect.  I'll
bet things will work ok if you massage the suffix to
a non-empty DN.

cheers, jerry
~ ----------------------------------------------------------------------
~ Hewlett-Packard            ------------------------- http://www.hp.com
~ SAMBA Team                 ---------------------- http://www.samba.org
~ GnuPG Key                  ---- http://www.plainjoe.org/gpg_public.asc
~ "You can never go home again, Oatman, but I guess you can shop there."
~                            --John Cusack - "Grosse Point Blank" (1997)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE/oDuyIR7qMdg1EfYRAuJfAKC5UGDZICdijKYsv5eee7rgqt5FSACguvEF
WE3Hse/7A13S31gpjiZ/faA=
=XHFJ
-----END PGP SIGNATURE-----

Follow-Ups:
- Re: Proxy Ldap Backend for Ipswich Imail
  - From: "Jim Flowers" <jflowers@ezo.net>

References:
- Proxy Ldap Backend for Ipswich Imail
  - From: "Jim Flowers" <jflowers@ezo.net>

Prev by Date: ldapsearch to leaf, requesting non-leaf attributes
Next by Date: Re: attribute name case sensitivity
Index(es):
- Chronological
- Thread