[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slapd.d syntax help for ldap proxy server

Does anyone have a working ldap proxy configuration script?  Some attributes such as olcURI are not welcomed with slapd on ubuntu 10.10.  My goals is to make a standalone proxy. 

TIA,
Anton

On Fri, Feb 4, 2011 at 12:46 PM, Dieter Kluenter <dieter@dkluenter.de> wrote:
Am Fri, 4 Feb 2011 11:45:36 -0800
schrieb Anton Chu <anton.chu@telecommand.com>:

> I'm trying to setup a ldap proxy server for push based replication.
> I'm in need of help with providing the correct syntax on installing a
> ldap proxy using slapd.d instead of slapd.conf.    The items in bold
> are the questionable syntax that can crossover to slapd.d.  Here's my
> slapd.d configuration:
>
>
> Standalone LDAP Proxy:
> >
> > # load the schemas
> > ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif
> >
> > ldapadd -Y EXTERNAL -H ldapi:///
> > -f /etc/ldap/schema/inetorgperson.ldif
> >
> > ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/nis.ldif
> >
> > ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/misc.ldif
> >
> > ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/ldapns.ldif
> >
> > ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/openldap.ldif
> >
> >
> >  # Load dynamic backend modules
> >
> > dn: cn=module,cn=config
> >
> > objectClass: olcModuleList
> >
> > cn: module
> >
> > olcModulepath: /usr/lib/ldap
> >
> > olcModuleload: back_hdb
> >
> > olcModuleload: syncprov
> >
> >
> >  # Database settings
> >
> > dn: olcDatabase=hdb,cn=config
> >
> > objectClass: olcDatabaseConfig
> >
> > objectClass: olcHdbConfig
> >
> > olcDatabase: {1}hdb

This should be a ldap database, not a hdb database
> >
> >         database        ldap
> >         # ignore conflicts with other databases, as we need to push
> > out to same suffix hidden              on
> >         suffix          "dc=suretecsystems,dc=com"
> >         rootdn          "cn=slapd-ldap"
> >         uri             ldap://localhost:9012/
> >
> >         lastmod         on
> >
> >         # We don't need any access to this DSA
> >         restrict        all
> >
> >         acl-bind        bindmethod=simple
> >                         binddn="cn=replicator,dc=suretecsystems,dc=com"
> >                         credentials=testing
> >
> >         syncrepl        rid=001
> >                         provider=ldap://localhost:9011/
> >                         binddn="cn=replicator,dc=suretecsystems,dc=com"
> >                         bindmethod=simple
> >                         credentials=testing
> >                         searchbase="dc=suretecsystems,dc=com"
> >                         type=refreshAndPersist
> >                         retry="5 5 300 5"
> >
> >         overlay         syncprov

-Dieter

--
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:DA147B05
53°37'09,95"N
10°08'02,42"E