Hi, Or Goshen a écrit : > Hello > > I have the following situation and would like to know your opinion on > the matter: > > I have 2 slapd servers A and B, both require simple authentication and > are not open for anonymous access. > What I would like to do is setup a node on A that would reference the > root of B and would allow me to perform read/write to it. > > I tried so far: > > 1. Setup a "referral" objectClass on A in the following manner: > > dn: dc=B,ou=Subservers,dc=example,dc=com > dc: B > objectClass: referral > objectClass: extensibleObject > ref: ldap://B/dc=example,dc=com > > That didnt work since B requires authentication. So I tried this: > > dn: dc=B,ou=Subservers,dc=example,dc=com > dc: B > objectClass: referral > objectClass: extensibleObject > ref: > ldap://??B??!bindname=cn=Manager%2cdc=example%2cdc=com/dc=example,dc=com > > Didnt work either (authentication extension not supported ?). > > 2. slapd apparently supports an "ldap" backend/database. Problem is that > there is no real documentation here > <http://www.openldap.org/doc/admin24/slapdconf2.html> or here > <http://www.openldap.org/doc/admin24/slapdconfig.html> on how to set > them up. Anybody ever setup such a database/backend ? does it support > authentication ? any examples I can take a look at ?
You'll find information on about the ldap backend in the FAQ: http://www.openldap.org/faq/data/cache/532.html I have used them quite a few times, either back-ldap or back-meta. They both support authentication. > I dont want to replication B on A, I just want to act as a proxy. Proxy is definitely the way to go, using rewrite to integrate your B server in A's tree (see man slapo-rwm). Regards, Jonathan -- Jonathan Clarke Cellule OSSA - Groupe LINAGORA 27 rue de Berri, 75008 Paris Tél: 01 58 18 68 28, fax: 01 58 18 68 29 http://www.linagora.com - http://www.08000linux.com
