[Date Prev][Date Next]
Re: how to extend a remote database with local entries ?
Oren Laadan <firstname.lastname@example.org> writes:
> I want to setup a local ldap server for my team that will extend a remote
> ldap server (whose database is inaccessible to me and I cannot simply
> replicate) with a small number (less than 100) of new (local) entries.
> For example, the local server may add entries for new users only in my
> team, but also support authentication of all users in the remote server.
> I tried to use back-meta, which seems most suitable for merging data
> from multiple targets. Assume the DN base is "dc=EXAMPLE,dc=COM",
> which is what the clients use.
> To set it up, I used the following config snippets:
> moduleload back_ldap
> moduleload back_meta
> moduleload back_bdb
> backend bdb
> backend meta
> # bdb backend, with a "local" DN base different than the main one\
> # not intended to serve clients, but to serve the meta backend only
> database bdb
> suffix "dc=TMP,dc=EXAMPLE,dc=COM"
> readonly on
> # meta backend, with the right DN base, serving the clients
> database meta
> lastmod off
> suffix "dc=EXAMPLE,dc=COM"
> uri "ldaps://REMOTE_SERVER/dc=EXAMPLE,dc=COM"
> uri "ldaps:///dc=TMP,dc=EXAMPLE,dc=COM"
> suffixmassage "dc=EXAMPLE,dc=COM" "dc=TMP,dc=EXAMPLE,dc=COM"
Declare back-bdb as subbordinate to back-meta. Something like
Dieter Klünter | Systemberatung
GPG Key ID:8EF7B6C6