[Date Prev][Date Next] [Chronological] [Thread] [Top]

The difference between the meta and ldap backends

Hello all,

I'm been working with OpenLDAP in a metadirectory configuration -- I'm
using it to provide a merged view of two organization LDAP servers,
along with a local database to support "external collaborators" (that
is, people not otherwise affiliated with our organization).  In my
limited testing it seems to be working reasonably well, but I'm not
sure I completely understand all the components.  For example, I'm
unsure of the difference between this:

  database meta

  uri ldap://serverA.example.com/ou=A,o=organization
  uri ldap://serverB.example.com/ou=B,o=organization
  # ...necessary suffix massaging...

  database hdb
  suffix o=organization

And this:

  database ldap
  suffix ou=A,o=organization
  uri ldap://serverA.example.com
  # ...rewriting...

  database ldap
  suffix ou=B,o=organization
  uri ldap://serverB.example.com
  # ...rewriting...

  database hdb
  suffix o=organization

Both seem to provide the same behavior; a search against
o=organization will search all three directories.  Is either
configuration preferable?  Is one backend considered more stable than
the other?  is there some subtle difference in behavior that I'm
missing?  I'd appreciate your input.


-- Lars