[Date Prev][Date Next] [Chronological] [Thread] [Top]

back-ldap with glue overlay

I have an LDAP server that gets most of its data remotely but stores some

database        ldif
suffix          "ou=groups,dc=foo"
directory       /var/ldap/groups

database        ldap
suffix          "dc=foo"
uri             "ldaps://otherserver:636/"
overlay         rwm
rwm-suffixmassage "dc=foo"      "dc=other"

If I do a search with a base of ou=people,dc=foo it gets proxied and a
search base of ou=groups,dc=foo hits the local ldif backend.

I would like to be able to use a search base of dc=foo and have searches
go to both backends, but if I add 'subordinate' in the ldif backend
definition, the ldap backend stops working because the search base stops
getting translated by the rwm overlay and searches still aren't propagated
to the ldif backend.

Can the glue overlay be used with an ldap backend as the superior
database?  If not, any other suggestions?  Could I define the ldap backedn
with multiple suffixes (one for each of the first-level branches) and then
glue both databases into a superior one that supports the glue overlay?

Eric Irrgang - UT Austin ITS Unix Systems - (512)475-9342