[LDAP-interop] referral to different parts of DSA

Pierangelo Masarati ando at sys-net.it
Fri Nov 11 03:27:28 EST 2005 

On Thu, 2005-11-10 at 21:54 -0700, Craig White wrote: 
> Thinking about openXchange and it's seemingly rigid orientation for
> having user accounts uid=(.*),ou=Users,ou=OxObjects,dc=example,dc=org
> where I am likely to already have my DSA set up with user accounts in
> uid=(.*),ou=Users,ou=Accounts,dc=example,dc=org and that is already
> working for samba and posix stuff.
> 
> I am using 2.2.x in all cases so far so the 2.3.x overlays

2.2. supports overlays as well, although the magic word "overlay"
doesn't instantly solve all problems; you also need to put some wit in
them...  besides that, I don't see much reason for all this fear of 2.3;
it's not that different from 2.2 to use, it's just much better, and it's
considered stable.  But this is going off topic.

>  are a bit
> ahead of me at this point so I'm wondering if using referrals for
> queries to those desired by openXchange could simply be passed to where
> the real data is.
> 
> - is this possible?

I wouldn't use referrals

> 
> - anyone know of examples?
> 
> - is there a better way short of openldap 2.3.x ?

one so-and-so-clean solution would be to put a back-ldap proxy in
between; something like (run test003 first, then edit
testrun/slapd.1.conf):

<slapd.1.conf>
#######################################################################
# database definitions
#######################################################################

### added virtual subordinate branch
database        ldap
suffix          "ou=OxObjects,o=University of Michigan,c=US"
subordinate
uri             ldap://:9011
suffixmassage   "ou=OxObjects,o=University of Michigan,c=US"
		"ou=People,o=University of Michigan,c=US"
### end of virtual subordinate branch

database        bdb
suffix          "o=University of Michigan,c=US"
directory       ./testrun/db.1.a
rootdn          "cn=Manager,o=University of Michigan,c=US"
rootpw          secret
index           objectClass     eq
index           cn,sn,uid       pres,eq,sub
</slapd.1.conf>

Note that all items will appear as duplicated under the two branches
"ou=People" and "ou=OxObjects" but, like UNIX symlinks, changes in one
branch will be immediately reflected in the other branch.

p.




Ing. Pierangelo Masarati
Responsabile Open Solution

SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office:   +39.02.23998309          
Mobile:   +39.333.4963172
Email:    pierangelo.masarati at sys-net.it
------------------------------------------

_______________________________________________
LDAP-interop mailing list
LDAP-interop at fini.net
http://lists.fini.net/mailman/listinfo/ldap-interop

More information about the LDAP-interop mailing list