[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Setting up a Proxy Cache

Thanks for your answer Howard.

It actually works!!!

Thanks very much!

-- Juan
Howard Chu wrote:
You must configure a rootdn for the ldap database; the proxycache overlay uses the rootdn when writing into the proxy database.

Juan F Arjona wrote:


I am new on using the Proxy Cache implementation of OpenLDAP. I have setup a server to Proxy-Cache a Lotus Domino LDAP server.

So my slapd.conf file:

include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/nis.schema
include         /etc/openldap/schema/java.schema
allow bind_v2
pidfile         /var/run/slapd.pid
argsfile        /var/run/slapd.args
loglevel 4095

backend ldbm
directory /var/openldap-data/
access to * by * write

sizelimit -1

include /etc/openldap/america.conf

And the file:  america.conf:

database        ldap
loglevel        128
suffix          ""
uri             ldap://SGHOU00/
overlay         proxycache
proxycache      hdb 5000 1 1000 21600
proxyattrset    0 mail
proxytemplate   (uid=) 0 12000
cachesize       200
directory       /var/openldap-data/america/
access to * by * write
index           objectClass     eq
index           mail    pres,eq,sub

Now, when I run:

ldapsearch -h localhost -s sub -b "" "(uid=jarjona)" mail

The very first time I get the right answer, but after the second I get an empty answer. The logs (below) show that slapd is trying to write the entry in a backend database (I imagine is in the given backend), but that is failing:

Please note the line:

Mar 31 14:31:24 ldap-proxy slapd[16533]: => access_allowed: write access to "CN=Juan Arjona,O=AMERICA" "entry" requested
Mar 31 14:31:24 ldap-proxy slapd[16533]: => access_allowed: backend default write access denied to "(anonymous)"

So permissions seem to be okay, but something in the database is not permitting the cache to work...

Which means that at some point the backend is not allowing writing to the database (?).

Any idea where is my mistake?

Thanks in advance,

-- Juan