[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Two bases on same ldap server

Thank you for your feedback.

Well, i really don't understand ldap base.But when you explained how to:

# Load dynamic backend modules
#dn: cn=module,cn=config
#objectClass: olcModuleList
#cn: module
#olcModulepath: /usr/lib/ldap
#olcModuleload: back_hdb

# Database settings
dn: olcDatabase=hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {2}hdb
olcSuffix: dc=sij,dc=com,dc=br
olcDbDirectory: /var/lib/ldap/other_base
olcRootDN: cn=admin,dc=sij,dc=com,dc=br
olcRootPW: 123456
olcDbConfig: set_cachesize 0 2097152 0
olcDbConfig: set_lk_max_objects 1500
olcDbConfig: set_lk_max_locks 1500
olcDbConfig: set_lk_max_lockers 1500
olcDbIndex: objectClass eq
olcLastMod: TRUE
olcDbCheckpoint: 512 30
olcAccess: to attrs=userPassword by dn="cn=admin,dc=sij,dc=com,dc=br" write by anonymous auth by self write by * none
olcAccess: to attrs=shadowLastChange by self write by * read
olcAccess: to dn.base="" by * read
olcAccess: to * by dn="cn=admin,dc=sij,dc=com,dc=br" write by * read


root@PythonAPP:~# ldapadd -Y EXTERNAL -H ldapi:/// -f backend_sij_com.example.com.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
adding new entry "olcDatabase=hdb,cn=config"

root@PythonAPP:~# vim frontend_sij_com.example.com.ldif

root@PythonAPP:~# ldapadd -x -D cn=admin,dc=sij,dc=com,dc=br -W -f frontend_sij_com.example.com.ldif
Enter LDAP Password:
adding new entry "dc=sij,dc=com,dc=br"

adding new entry "cn=admin,dc=sij,dc=com,dc=br"

adding new entry "ou=people,dc=sij,dc=com,dc=br"

adding new entry "ou=groups,dc=sij,dc=com,dc=br"

adding new entry "uid=caho.lopes,ou=people,dc=sij,dc=com,dc=br"

adding new entry "cn=sij,ou=groups,dc=sij,dc=com,dc=br"

Very good, was a great help.

Now, to my understanding, With this configuration, i have two bases, right ? Two different tree ?

Thank so much.

Ps: I am reading: http://www.openldap.org/doc/admin24/slapdconf2.html

On 20-07-2011 19:08, Quanah Gibson-Mount wrote:
--On Wednesday, July 20, 2011 6:00 PM -0300 Ãdnei <ednei.felipe.rodrigues@gmail.com> wrote:

Hi Guys!
ÂI don't know if it is possible, but.......

It is possible to have as many bases on the server as you want. There are two ways to do this:

a) Configure the server to use "" as its base, which allows you to use a single database for all the bases.


b) Configure unique databases for each base you want to use.

It looks like you were trying to use option(b). However, you failed to give the second database its own unique location, which will never work.

There are numerous errors in your attempt to add a second database.

1) You tried to re-add the module load for back-hdb, which is unnecessary since you've already done this.

2) You said your second HDB config database is actually the same as the first config database:
olcDatabase: {1}hdb

that should be:

olcDatabase: {2}hdb

3) You re-used the existing database directory, which will cause immediate database corruption:

olcDbDirectory: /var/lib/ldap

that should be:

ÂolcDbDirectory: /some/other/location

I would *highly* advise you read the OpenLDAP admin guide and spend some time comprehending the cn=config database for LDAP configuration. However, all of your above errors are not specific to cn=config.



Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
Zimbra ::Â the leader in open source messaging and collaboration