[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Problem with searches transgressing suffixmassage-d suffix

To: "matthew sporleder" <msporleder@gmail.com>
Subject: Re: Problem with searches transgressing suffixmassage-d suffix
From: Buchan Milne <bgmilne@staff.telkomsa.net>
Date: Wed, 28 Jun 2006 15:28:21 +0200
Cc: openldap-software@OpenLDAP.org
In-reply-to: <b0459d5c0606280622o76b9a017x72d8db5917c62d6d@mail.gmail.com>
Organization: Telkom Internet
References: <200606262047.50477.bgmilne@staff.telkomsa.net> <b0459d5c0606280622o76b9a017x72d8db5917c62d6d@mail.gmail.com>
User-agent: KMail/1.9.1

On Wednesday 28 June 2006 15:22, matthew sporleder wrote:
> On 6/26/06, Buchan Milne <bgmilne@staff.telkomsa.net> wrote:
> > We have a weird legacy DIT which is going to be migrated to a new more
> > organised structure by an ongoing project.
> >
> > In the meantime, we are deploying provisioning tools which we would
> > prefer not to modify at the time of the migration.
> >
> > So, back-relay seems to be the obvious solution (provision to the final
> > structure, rewrite with back-relay into the old structure).
> >
> > So, I have added a new database on one of our dev servers:
> >
> >
> > database        relay
> > suffix          "cn=webmail,cn=mail,ou=isp"
> > subordinate
> > relay           cn=webmail,ou=mail,dc=isp massage
> > rootdn          <rootdn>
> >
> > There is a bdb database that holds cn=mail,ou=isp (the legacy basedn).
> >
> > That works great, searches on cn=webmail,cn=mail,ou=isp returns an entry
> > I added under cn=webmail,ou=mail,dc=isp ... except that the first search
> > on the cn=mail,ou=isp suffix kills the relay. Any other search which
> > should find anything under cn=webmail,cn=mail,ou=isp returns error 32.
> >
> >
> > I've also tried replacing the relay database with a configurations
> > using "database meta" and "database ldap" with rwm-suffixmassage, and
> > they do the same thing.
> >
> > It seems I must be missing something here ...
>
> I have also setup something similar (although I'm attribute mapping),
> and I don't see your problems.
>
> Here's how mine is setup:
> database        bdb
> suffix          "dc=dept,dc=com"
> rootdn          "cn=Manager,dc=dept,dc=com"
> rootpw          somesecret
> directory       /usr/local/openldap64-ol2.3.23-bdb4.2.52//var/openldap-data
> index   objectClass     eq
>
> database        relay
> suffix          "ou=solaris,dc=test,dc=net"
> overlay         rwm
> map attribute homeDirectory testSolarisHomeDirectory
> suffixmassage   "dc=dept,dc=com"
>
> database        relay
> suffix          "ou=linux,dc=test,dc=net"
> overlay         rwm
> map attribute homeDirectory testLinuxHomeDirectory
> suffixmassage   "dc=dept,dc=com"
>
> I do end up with two homeDirectory attributes coming back if I search
> for all attributes, but searches specifically for homeDirectory return
> my test*HomeDirectory stuff.

I also have some other relay/meta databases which work, but they are not 
subordinate. It seems like rwm+subordinate (glue overlay of course) is the 
problem, but the funny thing is that it works once. I'll have to test with 
manual glue configuration I guess ...

Regards,
Buchan

-- 
Buchan Milne
ISP Systems Specialist
B.Eng,RHCE(803004789010797),LPIC-2(LPI000074592)

Attachment: pgp6oxxyZMcAW.pgp
Description: PGP signature

References:
- Problem with searches transgressing suffixmassage-d suffix
  - From: Buchan Milne <bgmilne@staff.telkomsa.net>
- Re: Problem with searches transgressing suffixmassage-d suffix
  - From: "matthew sporleder" <msporleder@gmail.com>

Prev by Date: Re: Missing something with filters and/or attributes
Next by Date: Re: Missing something with filters and/or attributes
Index(es):
- Chronological
- Thread