2011/1/12 Pierangelo Masarati <[email protected]> > gael therond wrote: > >> Is it possible to add a domain on an already existing root? >> >> I got the following root for now: >> >> dc=lab,dc=corp >> >> and I want to create a second Top entry on my root which will be named >> like >> this: >> >> dc=prod,dc=corp >> >> Is that possible? >> > > It is possible, but it might not be desirable. In principle, you need to > define "dc=prod, dc=corp" as an additional suffix for the database, > something like > > <existing> > database <type> > #... > suffix "dc=lab,dc=corp" > </existing> > > <new1> > database <type> > #... > suffix "dc=lab,dc=corp" > suffix "dc=prod,dc=corp" > </new1> > > However, as far as I remember, back-bdb and back-hdb only support this when > compiled with a special #define, and at some performance cost. A more > straightforward solution would be to define > > <new1> > database <type> > #... > suffix "dc=corp" > </new1> > > and then add "dc=corp" as the root entry, and "dc=lab,dc=corp" and > "dc=prod,dc=corp" as regular children entries of it. > > > >> I've try the following syntaxe without succes. >> >> Racine.ldif: >> >> #Racine >> dn: dc=prod, dc=corp >> ObjectClass: Top >> ObjectClass: dcObject >> ObjectClass: organization >> o: prod.corp >> dc: prod >> >> #OU Groups >> dn: ou=groups, dc=prod, dc=geka >> ObjectClass: organizationalUnit >> ObjectClass: top >> ou: groups >> >> #OU Users >> dn: ou=users, dc=prod, dc=geka >> ObjectClass: organizationalUnit >> ObjectClass: top >> ou: users >> >> And then I've done the usual LdapADD command, but with the following error >> returned: >> >> ldap_add: Server is unwilling to perform (53) >> Additional info: No global Superior Knowledge. >> >> Well, my guest is that I didn't set correctly Slapd because my default >> root >> is lab.corp instead of being TLD .corp >> Is that theory right? >> > > It is not clear from the message what entry failed. I assume it was > "dc=prod,dc=corp" because it is not within the database's naming context. > However the subsequent entries would be incorrect as well, becuase > "dc=geka" is not within the "dc=corp" naming context. > > p. >
Many thanks, As you said, I've re-read the manual and yes it's recommend to use a new database entry. Once again, you're right I'm using the BDB backend on my LDAP. Your last solution is exactly what I'm looking for, have a root named Corp and two distinct children named Lab and Prod As we done with Active Directory (One forest with multiple domain on it). Many thanks Once Again. Problem Solved!!
