[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Adding an Entry Outside the DIT

To: Quanah Gibson-Mount <quanah@symas.com>
Subject: Re: Adding an Entry Outside the DIT
From: "A. Yuesuen" <ayuesuen93@gmail.com>
Date: Thu, 6 Jun 2019 09:09:44 +0200
Cc: openldap-technical@openldap.org
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=cUMa+RdAHf5GjALuZRrGeir9XaGsDf7xoM2CX968uzc=; b=E8ot5LfKDt0AFs89EpxVOCdfHj8ARiVVZ3+7O80fzG/4L/ZpRZYYnyI81rqjTy7cVU KeGz6yJ5046e/1RTO6Ukik4BCBLE6IHzsXlR8rTrO/cdRGRotrjtSADjXRPmda/tTdZc oS26pIZ7vPJX+3IF1wkNCAx4mKCHvIJ60AeHJRXFMblg0bYZzfiXnYRlb2In5fWEFzmy h245kJdryxP77WHeN1mBY4qjgkBHMLzSkQ2paubFGLcCPFOuNFcCqbtN+GyEJzGj5wB+ pCXwsYbB18NcjuUCfA4FuOz/3Uhk7eg+Hs6ffUa1K5f8ctC4O30VsTSfnCkoG1X/ndbG yIpg==
In-reply-to: <B9DC83FE6AD2355BE3849276@192.168.1.39>
References: <CAMF_C+UsKeySMP47wQvddb+39iF63g3eXvEppTer5vNTJEzycg@mail.gmail.com> <B9DC83FE6AD2355BE3849276@192.168.1.39>

I believe it is outside from the main DIT because the differents suffix. and i saw this documentation:
https://wiki.zimbra.com/wiki/Zimbra_Directory_Service_(LDAP)

at the second Picture there are two DIT.

I solved my problem by building a second Database with the wanted Suffix by adding this ldif:

dn: olcDatabase={2}hdb,cn=config

objectClass: olcDatabaseConfig

objectClass: olcHdbConfig

olcDatabase: {2}hdb

olcDbDirectory: /var/lib/ldap/<NEWDIR>

olcSuffix: <new root DN>

olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by anonymous auth by dn="cn=Manager,<new root DN>" write by * none

olcAccess: {1}to dn.base="" by * read

olcAccess: {2}to * by dn="cn=Manager,dc=<new root DN>" write by * read

olcLastMod: TRUE

olcRootDN: cn=Manager,<new root DN>

olcRootPW: <manager password>

Am Mi., 5. Juni 2019 um 19:32 Uhr schrieb Quanah Gibson-Mount <quanah@symas.com>:

--On Wednesday, June 05, 2019 10:18 AM +0200 "A. Yuesuen"
<ayuesuen93@gmail.com> wrote:

> I have to work with a Shadow Server of my Company Ldap Server. And they
> are using for the authentication the Entry with the DN
> uid=zimbra,cn=admins,cn=zimbra but have the Suffic dn: dc=company,dc=com.
> How i can add a User with the dn uid=zimbra,cn=admins,cn=zimbra when
> the suffix ends with dn: dc=company,dc=com.
>
> Is there a way to add a Entry outside the DIT?

What makes you believe it is outside of the DIT? Zimbra deployments use ""
as the suffix for the database.

--Quanah

--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>

Follow-Ups:
- Re: Adding an Entry Outside the DIT
  - From: Quanah Gibson-Mount <quanah@symas.com>

References:
- Adding an Entry Outside the DIT
  - From: "A. Yuesuen" <ayuesuen93@gmail.com>

Prev by Date: Re: Replication issues with delta-syncrepl, MMR and memberOf overlay on 2.4.47
Next by Date: Re: Replication issues with delta-syncrepl, MMR and memberOf overlay on 2.4.47
Index(es):
- Chronological
- Thread