[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Best way to merge two local DITs vs empty search base suffix

Chris Jacobs wrote:
Where is it documented how the conf file slapd.conf file is processed?

I've read the documentation, more than once, and still don't know. I
this whole 'order thing' is pretty darn important (outside of access config).


suffix <dn suffix>
Specify the DN suffix of queries that will be passed to this backend database. Multiple suffix lines can be given and at least one is required for each database definition.

If the suffix of one database is "inside" that of another, the database with the inner suffix must come first in the configuration file.

Seriously, please me at it.

- chris

Chris Jacobs, Systems Administrator
Apollo Group  |  Apollo Marketing | Aptimus
2001 6th Ave Ste 3200 | Seattle, WA 98121
phone: 206.441.9100 x1245 | mobile: 206.601.3256 | fax: 206.441.9661
email: chris.jacobs@apollogrp.edu

----- Original Message -----
From: openldap-technical-bounces+chris.jacobs=apollogrp.edu@OpenLDAP.org<openldap-technical-bounces+chris.jacobs=apollogrp.edu@OpenLDAP.org>
To: Guy.Baconniere@swisscom.com<Guy.Baconniere@swisscom.com>; openldap-technical@openldap.org<openldap-technical@openldap.org>
Sent: Sun Jun 13 20:20:07 2010
Subject: Re: Best way to merge two local DITs vs empty search base suffix

--On Sunday, June 13, 2010 12:17 PM +0200 Guy.Baconniere@swisscom.com wrote:


We want to update our old OpenLDAP server from 2.1.x to 2.4.x but the
current configuration do not use a regular suffix (o=foo,c=bar nor
dc=foo,dc=bar) but use an empty suffix ("").

We want to move away from empty suffix as we cannot use cn=monitor or any
additional suffixes as they can not bind when a suffix ""is in use in a
hdb database :

You can do this just fine.  I do it in all my installs.  You simply need to
declare them in the right order.  I.e., you must declare monitor, etc
before the empty suffix.

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/