As long as there are no schema collisions between the two (e.g. similarly named attributes with different properties), it should be as simple as merging both sets of ACL data into a single slapd.conf. The OpenLDAP server doesn't give a rats ass about the structure below the root. It's all just indexes and names as far as it is concerned.
--On Friday, May 13, 2005 9:19 +1000 Dave Horsfall <email@example.com> wrote:
I don't think that is possible with OpenLDAP, but I'm willing to be convinced otherwise; I've also been told that this called "multi-mastering", but I know that that's the wrong term.
Let's say that BigCorp.com (dc=BigCorp,dc=com) has just been taken over by Cobber.com.au (dc=Cobber,dc=com,dc=au). As is the wont of ways like this, both need to retain their corporate identities despite the hierarchy, with the possibility of having the directory available to the public.
In other words, I need to serve "dc=BigCorp,dc=com" and "dc=Cobber,dc=com,dc=au" side by side, on the one server. I can do it with separate servers, but there is the need to inform client programs just which server to use (DNS LDAP discovery and 2.3/HEAD?). I can also run several SLAPD instances on the one server, but again there is the problem of informing the client (which could be Joe Q. Public).
So, it is possible to run non-overlapping suffixes on one server?
-- If this message was not signed with gpg key 0FE2AA3D, it's probably a forgery.
Description: PGP signature