----- "Aaron Richton" <[EMAIL PROTECTED]> wrote: > On Fri, 25 Jul 2008, Guillaume Rousse wrote: > > > First, using a distinct database doesn't allow to provide a virtual > view > > from a branch in my original database to another branch in the same > > database. Meaning, I can't have ou=telephony,dc=myprefix a virtual > view > > of ou=users,dc=myprefix, I need to use a distinct prefix. > > Have you tried declaring the ou=telephony,dc=myprefix back-relay > subordinate to dc=myprefix back-$END?
I was about to reply the same, but you anticipated me :) I've tried the above, and it works as expected as soon as the "relay" statement is omitted. In fact, it requires the superior database to already exist. Probably, that test should either be relaxed or moved to db_open(). With respect to Guillaume's second question, I see the issue. In principle, what he needs to do is something like rwm-map attribute telephoneNumber homePhone rwm-map attribute * telephoneNumber so that real homePhone is mapped to virtual telephoneNumber, and real telephoneNumber is hidden. Unfortunately, this seems to result in a "double mapping" for telephoneNumber. I need to look at the logic of mapping, since what Guillaume wants to do seems to make sense, so it should be allowed. As per the reason of hiding everything not working, it's related to the fact that hiding everything does not allow "objectClass" to be returned, which causes the search filter to fail because the objectClass is not present. Unfortunately, the objectClass attribute cannot be mapped, so it cannot be explicitly preserved by adding rwm-map attribute objectClass * I recommend he files an ITS for each of those two issues. > > Third, this solution doesn't work currently when trying to sync > > the appliance users from ldap. From ldap log, it seems some > specific > > control is not supported with relay backend: > > I think you'd be better served by syncing the real data, and > configuring > the back-relay/slapo-rwm identically across your slaves so as to give > > consistent results. Ing. Pierangelo Masarati OpenLDAP Core Team SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ----------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Fax: +39 0382 476497 Email: [EMAIL PROTECTED] -----------------------------------
