[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Multiple suffixes per server

As long as there are no schema collisions between the two (e.g. similarly
named attributes with different properties), it should be as simple as
merging both sets of ACL data into a single slapd.conf.  The OpenLDAP
server doesn't give a rats ass about the structure below the root.  It's
all just indexes and names as far as it is concerned.


--On Friday, May 13, 2005 9:19 +1000 Dave Horsfall <daveh@ci.com.au> wrote:

I don't think that is possible with OpenLDAP, but I'm willing to be
convinced otherwise; I've also been told that this called
"multi-mastering", but I know that that's the wrong term.

Let's say that BigCorp.com (dc=BigCorp,dc=com) has just been taken over
by  Cobber.com.au (dc=Cobber,dc=com,dc=au).  As is the wont of ways like
this,  both need to retain their corporate identities despite the
hierarchy, with  the possibility of having the directory available to the

In other words, I need to serve "dc=BigCorp,dc=com" and
"dc=Cobber,dc=com,dc=au" side by side, on the one server.  I can do it
with separate servers, but there is the need to inform client programs
just which server to use (DNS LDAP discovery and 2.3/HEAD?).  I can also
run several SLAPD instances on the one server, but again there is the
problem of informing the client (which could be Joe Q. Public).

So, it is possible to run non-overlapping suffixes on one server?

-- If this message was not signed with gpg key 0FE2AA3D, it's probably a forgery.

Attachment: pgpckpvtafq84.pgp
Description: PGP signature