[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Creating suffix aliases with OpenLDAP
- To: openldap-technical@openldap.org
- Subject: Re: Creating suffix aliases with OpenLDAP
- From: Dieter Klünter <dieter@dkluenter.de>
- Date: Wed, 14 Sep 2016 16:54:42 +0200
- In-reply-to: <a2b-57d95800-13d-3d9aee00@74628429>
- Organization: AVCI
- References: <a2b-57d95800-13d-3d9aee00@74628429>
Am Wed, 14 Sep 2016 16:00:33 +0200
schrieb "Ralf Mattes" <rm@mh-freiburg.de>:
> Dear collectes list wisdom,
>
> I'm running a ldap server whose main database holds a X500 style
> suffix (i.e. o=...,l=...,c=...). The organisations name does contain
> a non-ascii character 'ü'. So far this never has been a problem but
> now one of our partner institutions needs to access the server with
> tomcat/ndi/proprietary code and that fails misserably - no wonder:
> the send the bind DN with the wrong encoding. While I'm sure there is
> a solution on the Java/Tomcat side I'd like to provide the
> possibility to access the data under a different DN (with 'ü'
> replaced by 'ue'). My first attempt: I created a second database with
> the alternative suffix and placed an alias object as the topmost
> entry. That object points to the toplevel organisation object of the
> real database. But while I can see that object none of the child
> entries are found.
>
> s there any to configure such an "alias suffix"?
There are quite a few possible solutions,
1. slapd-relay(5)
2. slapd-ldap(5)
and a few more.
I would recommend slapd-relay, configuration could be:
...
database relay
suffix o=uebermut,c=XX
relay o=übermut,c=XX
...
depending on your database design you may need the rwm overlay and some
rewrite rules.
-Dieter
--
Dieter Klünter | Systemberatung
http://sys4.de
GPG Key ID: E9ED159B
53°37'09,95"N
10°08'02,42"E