On Tue, 2005-11-22 at 10:30 +0100, Jan-Piet Mens wrote: > I'm using OpenLDAP 2.3.11 and I'd like to set up this server > to serve a single base (naming doesn't really matter) which > retrieves entries from a local BDB backend as well as a foreign > LDAP backend. > > If I try do make the foreign back-ldap subordinate of my > naming context, an ldapsearch retrieves the desired values, but > only on the very first invocation after starting the local > server; on subsequent invocations it doesn't return the entries > previously found. I have
This is not working the way you intend it because of issues with the design of slapo-rwm that does not interact smoothly with the glue (see ITS#3971, it's on my todo list). One alternative is to put slapo-rwm as a global overlay, so that rewriting occurs __before__ gluing. An example is provided in test039, which does exactly this. > > database ldap > overlay rwm > uri "ldap://ldap1.example.com/ ldap://ldap2.example.com/"; > rwm-suffixmassage "ou=People,dc=other,dc=com" > "ou=People,dc=example,dc=com" > suffix "ou=People,dc=other,dc=com" > subordinate > rwm-map attribute uid * > rwm-map attribute cn * > rwm-map attribute sn * > rwm-map attribute givenname * > rwm-map attribute mail * > rwm-map attribute telephonenumber * > rwm-map attribute usercertificate;binary * > rwm-map attribute * > rwm-map objectclass person * > rwm-map objectclass inetorgperson * > rwm-map objectclass * > lastmod off > > database bdb > suffix "dc=other,dc=com" > rootdn "cn=Manager,dc=other,dc=com" > ... > > > Alternatively, I tried binding the two backends with back-meta as in > > database bdb > suffix "dc=other,dc=com" > .. > > database ldap > overlay rwm > uri "ldap://ldap1.example.com/ ldap://ldap2.example.com/"; > suffix "dc=example,dc=com" > > database meta > suffix "dc=foo,dc=com" > overlay rwm > > uri "ldap://localhost/dc=other,dc=com"; > default-target > rwm-suffixmassage "dc=foo,dc=com" "dc=other,dc=com" > > uri "ldap://localhost/dc=example,dc=com"; > rwm-suffixmassage "dc=foo,dc=com" "dc=example,dc=com" > > hoping to find the content of both DSA under dc=foo,dc=com, but > that doesn't work for me. > > What am I doing wrong? I'd like a single search base (o=anything) > to find entries under both naming contexts. You made that faaaaar too complicated, and you don't (yet) need the rwm with back-meta: rwm capabilities are builtin; an example is provided in test035, however you may try this: <slapd.conf> database bdb suffix "dc=other,dc=com" # ... database meta suffix "dc=foo,dc=com" # remote, with builtin rewrite uri "ldap://localhost/ou=People,dc=foo,dc=com"; suffixmassage "ou=People,dc=foo,dc=com" "ou=People,dc=example,dc=com" map attribute ... map objectClass ... # local, with builtin rewrite uri "ldap://localhost/dc=foo,dc=com"; suffixmassage "dc=foo,dc=com" "dc=example,dc=com" </slapd.conf> Anyway, I suggest using back-ldap with global rwm. All of this will be simplified, some time. p. Ing. Pierangelo Masarati Responsabile Open Solution SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ------------------------------------------ Office: +39.02.23998309 Mobile: +39.333.4963172 Email: [EMAIL PROTECTED] ------------------------------------------
