Hello,
I have 2 LDAP servers:
- machine 1: "localserver.domain.com": the DIT is

dn: dc=example
dc: bsr-ivv
objectClass: top
objectClass: dcObject
objectclass: organization
o: AAA

dn: ou=Users,dc=example
objectClass: top
objectClass: organizationalUnit
ou: Users

dn: ou=Groups,dc=example
objectClass: top
objectClass: organizationalUnit
ou: Groups

- machine 2: "centralserver.domain.com": the DIT is the SAME.

and I want requests not found on "localserver.domain.com" to be
delegated to "centralserver.domain.com".

The configuration of "localserver.domain.com" is:
dn: cn=config
objectClass: olcGlobal
cn: config
olcArgsFile: /var/run/openldap/slapd.args
olcPidFile: /var/run/openldap/slapd.pid
olcTLSCACertificatePath: /etc/openldap/certs
olcTLSCertificateFile: "OpenLDAP Server"
olcTLSCertificateKeyFile: /etc/openldap/certs/password
structuralObjectClass: olcGlobal
creatorsName: cn=config
olcReferral: ldaps://centralserver.domain.com
olcLogLevel: -1


I use the command "ldapsearch" on "localserver" to request data about
"admincentral1", which only exists on the "centralserver.domain.com" machine:
>ldapsearch  -H ldaps://localserver.domain.com  -b ou=Users,dc=bsr-ivv    -w 
>password   -D "cn=Admin,dc=example"  uid=admincentral1  mail -x -C   -d 129

But the client "ldapsearch" does not get the referral to the "centralserver" LDAP
from "localserver".
I looked at the slapd logs and ldapsearch logs, but the referral is never received.

Shall I activate anything else?
NB: if I use referral objects, this works fine: I found logs like:
"
Jan 13 13:44:55 m-deploy slapd[24898]: send_ldap_result: 
referral="ldaps://centralserver.external.domain.com/ou=Users,dc=example"
"
but with that configuration, no referrals are received by the client...

Best regards
Fabrice

