[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: can we have non-replication of data in distributed directory service?

The error you are getting is because you are
specifying the "ref" attribute for the objectclass
"organizationalUnit". This objectclass doesn't have
this attribute in the schema. So any ldap server with
such a schema defination will reject it.

You can try it out this way. Take out that "ref"
attribute from "dn: ou=subtree,dc=example,dc=net"
entry. And then add a referral entry below the
"dc=example,dc=net" pointing to the othercomapny.com's
ldap server like shown below:-

dn: cn=ref_to_other_comp,dc=example,dc=net
objectclass: referral
cn: ref_to_other_comp

So, now when u fire a search against the dn
cn=ref_to_other_comp,dc=example,dc=net it will fetch
result from the referral also.


--- Ganesh Godavari <ggodavar@uccs.edu> wrote:

> Hello group,
>   I want to know if and how one can provide
> non-replication of 
> directory information in a distributed directory
> environment. Selected 
> people from my organization and othercompany
> (othercompany.com) are 
> working together on a project. Information about the
> selected users 
> from othercompany.com is available through their
> LDAP server. I want 
> my ldap server to query for information about the
> selected users from 
> othercompany.com.
> I maintain a sub-tree of my organization LDAP
> server. openLDAP is not 
> allowing me to do add referal object to my
> organizationUnit 
> declaration in ldif file
> dn: ou=subtree,dc=example,dc=net
> ou: subtree
> objectclass: organizationalUnit
> objectclass: top
> ref: 
> When i try adding this information to the LDAP
> server the following 
> error is reported
> ldap_add: Object class violation (65)
>          additional info: attribute "ref" only
> allowed in the referral
> Is there a way i can do this? Please let me know
> Thanks
> ganesh

Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around