[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Merging databases with translucent

To: openldap-technical@openldap.org
Subject: Re: Merging databases with translucent
From: "M. P." <kisscoolandthegangbang@hotmail.fr>
Date: Fri, 8 Jan 2016 22:39:48 +0100
In-reply-to: <CAJbX1BOO_br41i4LrpncxN0umtiyEiniLQQVAQuipGjGbHN4Eg@mail.gmail.com>
References: <BLU436-SMTP76E79625CC9A27EDE1C574A0F60@phx.gbl> <CAJbX1BOO_br41i4LrpncxN0umtiyEiniLQQVAQuipGjGbHN4Eg@mail.gmail.com>
User-agent: Roundcube Webmail/1.1.1

meta backend is one thing I found too when I were looking for somesolution and I thought I should also try. I had not yet the time to tryit but every where I saw his usage it is to map ou=suffix1 andou=suffix2 to "a third suffix".

In my case I have my local db with a suffix of dc=base,dc=dn. The remotedatabase has also a suffix of dc=base,dc=dn. And what I want is to haveon the unified view a suffix of dc=base,dc=dn too. Something likeou=suffix1,dc=base,dc=dn and ou=suffix2,dc=base,dc=dn is not what I'mlooking for.


Maybe you can confirm that it is doable.

Another point in my case is that I have entries that are on both, localand remote databases, with the same dn's. With a search operation,remote entries should be fetched and what is on the local databaseshould append/override remote's entries before being displayed.

Have you by chance, be confronted to a case like this with your setup ?



Le 2016-01-08 21:47, jason cafarelli a écrit :

I used suffix massage to combine customer LDAP with my local LDAP
server; this allows us to have internal users.  Documentation on doing
this is very sparse.

Client side; sssd points at dc=local.

# BDB database definitions
#######################################################################

#local database b
database        bdb
idlcachesize 50000
suffix         "dc=b,dc=com"
rootdn         "cn=adm,dc=b,dc=com"
rootpw         {SSHA}xx
cachesize 50000
dirtyread
dbnosync
checkpoint 128 15
idlcachesize 50000
index objectClass eq

#database meta - COMBINES the LDAP DATABASES
database meta
suffix  "dc=local"
rootdn  "cn=adm,dc=local"
rootpw  {SSHA}xx

#internal LDAP
uri            "ldap://127.0.0.1/ou=internal,dc=local [2]"
lastmod        off
suffixmassage   "ou=internal,dc=local" "dc=b,dc=com"

#external - customer  LDAP
#uncomment lines and only change vars inside [] to match env
#
#uri            "ldap://[myldap]/ou=external,dc=local";
#lastmod        off
#suffixmassage  "ou=external,dc=local" "[dc=a,dc=a,dc=com]"
#

JASON K CAFARELLI
Desk:   (508) 637-5705 [3] (primary)
Mobile: (508) 215-9712 [4]
jason.cae@gmail.com



--
------------

M. P.

References:
- Merging databases with translucent
  - From: "M. P." <kisscoolandthegangbang@hotmail.fr>
- Re: Merging databases with translucent
  - From: jason cafarelli <jason.cae@gmail.com>

Prev by Date: Re: Out of ideas when troubleshooting TLS negotiation failure
Next by Date: Re: Out of ideas when troubleshooting TLS negotiation failure
Index(es):
- Chronological
- Thread