> Hi, > > For my test I have created two openLdap with the same base structure > > Server one: > dc=XX,dc=YY > cn=Manager,dc=XX,dc=YY > o=service1 > > Server two: > dc=XX,dc=YY > cn=Manager,dc=XX,dc=YY > o=service2 > > but they not contened the same datas. > > i have created a referral link between server 1 or server 2. it's work > fine. > > Now I have a third server like: > o=XX > ou=Admin,o=XX > cn=Manager,ou=Admin,o=XX > > So I'm not able to make a referral link between server1 and server 3 > > so I want to chain the two directories. > > is it possible ?
Yes. In the first and in the second one, before any database, add referral ldap://server3 in the third, add referral ldap://server1 or referral ldap://server2 or even both: referral ldap://server1 referral ldap://server2 under the assumption your client can survive multiple referrals, and it can handle sequences of referrals (e.g. when searching server3 with the DN "o=service2,dc=XX,dcYY", it will return a referral to server1, which, on turn, will return a referral to server2). However, if your client is configured to rebind with the same user to chase referrals, there is no common user in the three referrals. This makes sense, and I don't see an obvious way of solving this. It's your client that, upon receiving a referral, should determine if it knows any identity that can be used to chase it (based on the host name, the requestDN and so) or, as a failover, prompt the user for one. Since your client is not distributed by OpenLDAP, and since I'm not familiar with it, I can't provide further help. OpenLDAP tools do not provide any of these features, as far as I know. p. Ing. Pierangelo Masarati Responsabile Open Solution OpenLDAP Core Team SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ------------------------------------------ Office: +39.02.23998309 Mobile: +39.333.4963172 Email: [EMAIL PROTECTED] ------------------------------------------
