[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Separate trees openldap

To: openldap-technical@openldap.org
Subject: Re: Separate trees openldap
From: Dieter Klünter <dieter@dkluenter.de>
Date: Mon, 30 Apr 2018 10:10:51 +0200
In-reply-to: <CAKv0VtJEcA-gHyz0qsGYQrKKUcCQxWA+MHhVmshTFibunNRu=g@mail.gmail.com>
Organization: AVCI
References: <CAKv0VtJEcA-gHyz0qsGYQrKKUcCQxWA+MHhVmshTFibunNRu=g@mail.gmail.com>

Am Thu, 26 Apr 2018 09:33:56 -0300
schrieb seguranca informacao <cerberus.seginfo@gmail.com>:

>  Hi guys,
> 
> I'm trying to accomplish a configuration that I'm not aware of. I
> need to replicate several directories (AD, openldap, etc) to a unique
> repository (my openldap). The thing is I need to have completely
> separate trees for each domain (client). Any ideas in how to do that?
> bellow is an example what I'm thinking of:
> 
> 
> dc=example,dc=com
>      cn=users
>      cn=groups
> 
> ------------------------------ complete separation
> dc=domain,dc=com
>      cn=users
>      cn=groups
> 
> ------------------------------ complete separation
> dc=test,dc=ca
>      cn=users
>      cn=groups
> 
> ------------------------------ complete separation

make use of slapd-ldap(5), slapd-relay(5) and slapo-rwm(5)
something like:

database ldap
suffix dc=test,dc=ca
...
database relay
suffix dc=test,dc=example,dc=com
relay dc=test,dc=ca
overlay rw
rwm-suffixmassage  "dc=test,dc=example,dc=com" "dc=test,dc=ca"
subordinate

database mdb
suffix dc=example,dc=com

-Dieter

-- 
Dieter Klünter | Systemberatung
http://sys4.de
GPG Key ID: E9ED159B
53°37'09,95"N
10°08'02,42"E

References:
- Separate trees openldap
  - From: seguranca informacao <cerberus.seginfo@gmail.com>

Prev by Date: mdb_del: MDB_MAP_FULL: Environment mapsize limit reached
Next by Date: Re: OpenLDAP & Mysql backend
Index(es):
- Chronological
- Thread