[Date Prev][Date Next] [Chronological] [Thread] [Top]

I can't get relay to work in exposing a database under another suffix

To: openldap-technical@openldap.org
Subject: I can't get relay to work in exposing a database under another suffix
From: watery <xoot123@yahoo.it>
Date: Tue, 13 Mar 2018 19:46:44 +0100
Content-language: it
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.it; s=s2048; t=1520966807; bh=ZtNjG+RGGQUY+OxxpxU7ShAKjEC111lw/7alQGYJNis=; h=To:From:Subject:Date:From:Subject; b=YQNSkrIDnFXoswrXVPtQlC0Sekvc89kiG2Wn2YleosGds7wyzF4/xXf0b9i/Ht7dEXaVOJu+Y0Q77kRdhozeTMXvvWH/OEQ/M9+7oRsZoylfCOUYIQT6Q6bbCRcNZJwx2KSnMZlKFqcI/AUIOn3XKnJBAXzPyZvoAGV7WaspGQZ/Va8/XIGGOalWJQbPmGZleCSBY8/kfXmeSz37JED9GGUp9vftdG00OcYTHOPGnMg5NdosnRnMYqIpv0QqAEXcS8TO263+xsJC1p11xfqg96+ZpWyIJ2VBGzmhbrRWbz2MRMROVUw/qFjP9FSJ1c6nL9y+AWhw5t0WofTpn7CUQQ==
User-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0

Hello,
I'm trying to set up a replica of a remote server (suffix: ou=customer,o=main) in a local subtree (suffix: dc=example,dc=com).
The two separate databases work, as I can add entries to both of them using their original suffix with ldapmodify.
But no configuration of relay let's me query the replicated content using the local suffix, since ldapsearch either ends with "No Such Object" or doesn't terminate at all, it hangs after:

||connect success # extended LDIF # |ï¿œ... # LDAPv3 ||||# base <ou=users,dc=example,dc=com> with scope baseObject ||||# filter: (objectclass=*) ||||# requesting: ALL ||||# |Graphically it should look like this:

Remote server:

ou=customer,o=main

|

`-- ou=users,ou=customer,o=main

ï¿œï¿œï¿œ |

ï¿œï¿œï¿œ `-- ou=1000002052,ou=users,ou=customer,o=main

ï¿œï¿œï¿œ |

ï¿œï¿œï¿œ `-- ou=1000001458,ou=users,ou=customer,o=main

ï¿œï¿œï¿œ |

ï¿œï¿œï¿œ `-- ou=1000002113,ou=users,ou=customer,o=main

Local server:

dc=example,dc=com

|

`-- ou=customers,dc=example,dc=com

|ï¿œï¿œ |

|ï¿œï¿œ `-- cn=name-one,dc=example,dc=com

|ï¿œï¿œ |

|ï¿œï¿œ `-- cn=name-two,dc=example,dc=com

|

`-- ou=users,dc=example,dc=com

ï¿œï¿œï¿œ |

ï¿œï¿œï¿œ *

ï¿œï¿œï¿œ * (this is the replicated subtree, exposed under the new suffix)

ï¿œï¿œï¿œ *

ï¿œï¿œï¿œ |

ï¿œï¿œï¿œ `-- ou=1000002052,ou=users,dc=example,dc=com

ï¿œï¿œï¿œ |

ï¿œï¿œï¿œ `-- ou=1000001458,ou=users,dc=example,dc=com

ï¿œï¿œï¿œ |

ï¿œï¿œï¿œ `-- ou=1000002113,ou=users,dc=example,dc=com

Here's one of my attempts:

# Remote
database bdb
directory ...
suffix ou=customer,o=main
rootdn ...
rootpw ...
access to * by * manage
index ...

overlay memberof

# Relay
database relay
suffix ou=customers,dc=example,dc=com
relay ou=customer,o=main

overlay rwm
rwm-suffixmassage ou=customers,dc=example,dc=com ou=customer,o=main

# Local
database bdb
directory ...
suffix dc=example,dc=com
rootdn ...
rootpw ...
access to * by * manage
index ...

overlay memberof

overlay refint
refint_attributes member
refint_nothing "cn=nobody,dc=example,dc=com"

Follow-Ups:
- Re: I can't get relay to work in exposing a database under another suffix
  - From: "Marco R." <xoot123@yahoo.it>

Prev by Date: new attribute
Next by Date: Missing contextCSN on ldap cluster
Index(es):
- Chronological
- Thread