Nikos Voutsinas wrote: > Let me refer to the following case, hoping that this will help to spot > all possible side effects resulted from the usage of empty suffixes. > > Using a configuration like the one below, searches for > attr=hasSubordinates against the ldap backend as 'uid=<uid>,ou=People', > fail because searchDN is rewritten to: > > [rw] searchDN: "ou=People" -> "ou=People,dc=contacts,dc=uoa,dc=gr" > > > database bdb > suffix "dc=contacts,dc=foo,dc=bar" > ..... > ..... > database ldap > suffix "ou=People" > overlay rwm > rwm-suffixmassage "ou=People,dc=foo,dc=bar" > uri "ldap://server.foo.bar"; > ...... > ...... > database relay > suffix "" > relay "dc=contacts,dc=foo,dc=bar" massage
Either I didn't get what you're trying to do, or you didn't explain it clearly enough. All I can do right now is try to explain what the above configuration is supposed to do. The above configuration serves 3 naming contexts: 1) "dc=contacts,dc=foo,dc=bar" is directly served by the local bdb 2) "ou=People" is directly served by the ldap proxy, by redirecting requests whose DN ends in "ou=People" to the remote server "server.foo.bar" after appending them the suffix "dc=foo,dc=bar" 3) any other request is served by the relay database, which appends to the request DN the suffix "dc=contacts,dc=foo,dc=bar"; so any request is actually mapped on the naming context of the local bdb. I've tried the above configuration with HEAD code and with re23 code (with those small fixes I had to introduce to avoid the core dump when selecting a NULL dn; those have not been committed yet, sorry), and it behaves as I explained (binds, searches, writes), so there appears to be no bug. Of course, if this is not the behavior you expect, you should try to clarify it a bit further, so that better directions about configuring slapd appropriately can follow. p. Ing. Pierangelo Masarati OpenLDAP Core Team SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: [EMAIL PROTECTED] ---------------------------------------
