Re: setup two DNs on one single Openldap server running on Red Hat Enterprise Linux release 8.8 (Ootpa)

2023-10-03 Thread Quanah Gibson-Mount




--On Tuesday, October 3, 2023 10:24 PM +0200 Jérôme BECOT wrote:




I guess it is a problem of terminology, I should have used baseDN I guess.


Sure... but the question was about two admin users both under the same base :)


--Quanah




Re: setup two DNs on one single Openldap server running on Red Hat Enterprise Linux release 8.8 (Ootpa)

2023-10-03 Thread Jérôme BECOT

I guess it is a problem of terminology, I should have used baseDN I guess.

On 03/10/2023 at 20:16, Quanah Gibson-Mount wrote:



--On Monday, October 2, 2023 12:47 PM +0200 Jérôme BECOT wrote:



Hello,

It is not possible to have two different DN on the same database, because
the rootDN is unique. But you can configure multiple databases on the
same server, that works quite independently (every db has its own set of
overlays/config/replication). When you create the databases, you must
ensure that they don't live in the same directory (defaults to
/var/lib/ldap).


There's no need for it to be a rootdn, generally I suggest avoiding 
using the rootdn for backends at all.  The only rootdn that *might* 
need to be used is the one for cn=config, but that's entirely separate.


--Quanah




Re: Openldap version / behavior with duplicates

2023-10-03 Thread Quanah Gibson-Mount




--On Tuesday, October 3, 2023 2:02 PM + maudez.e...@neuf.fr wrote:


Hello,
I notice a different behavior between versions OpenLDAP 2.4 and OpenLDAP
2.6 for synchronization management and duplicates. In the version
OpenLDAP 2.4, there is no error when duplicates are found (different
branch in openldap) during synchronizations (syncrepl). With version
OpenLDAP 2.6, synchronizations are in error.
Do you know why?




You don't provide enough context to answer this question.

Regards,
Quanah


Re: setup two DNs on one single Openldap server running on Red Hat Enterprise Linux release 8.8 (Ootpa)

2023-10-03 Thread Quanah Gibson-Mount




--On Monday, October 2, 2023 12:47 PM +0200 Jérôme BECOT wrote:



Hello,

It is not possible to have two different DN on the same database, because
the rootDN is unique. But you can configure multiple databases on the
same server, that works quite independently (every db has its own set of
overlays/config/replication). When you create the databases, you must
ensure that they don't live in the same directory (defaults to
/var/lib/ldap).


There's no need for it to be a rootdn, generally I suggest avoiding using 
the rootdn for backends at all.  The only rootdn that *might* need to be 
used is the one for cn=config, but that's entirely separate.


--Quanah




Re: setup two DNs on one single Openldap server running on Red Hat Enterprise Linux release 8.8 (Ootpa)

2023-10-03 Thread Quanah Gibson-Mount




--On Monday, October 2, 2023 2:26 PM +0530 Kaushal Shriyan wrote:



Is there a way to set up two DN's in OpenLDAP server?


dn: cn=admin,dc=corporate,dc=mydomain,dc=com 

dn: cn=admin,dc=checker,dc=mydomain,dc=com


This is trivial to create as 2 different entries in your dc=mydomain,dc=com 
database.  There's no need for them to be rootdns, you can simply give them 
manage access to whatever they need to control.


--Quanah
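
The approach described in the reply above, written out as LDIF. This is an added example, not part of the thread. It assumes the dc=mydomain,dc=com database is `olcDatabase={2}mdb,cn=config` (the index and backend vary per install), that neither subtree entry exists yet, and that the password values are placeholders to be replaced with `slappasswd` output.

```ldif
# Constructed example, part 1: data entries. Load into the existing
# dc=mydomain,dc=com database (for instance with ldapadd), as a separate
# file from part 2.
dn: dc=corporate,dc=mydomain,dc=com
objectClass: dcObject
objectClass: organization
dc: corporate
o: corporate

# Ordinary entry that can bind; it is not a rootdn.
dn: cn=admin,dc=corporate,dc=mydomain,dc=com
objectClass: organizationalRole
objectClass: simpleSecurityObject
cn: admin
userPassword: {SSHA}REPLACE_WITH_SLAPPASSWD_OUTPUT

dn: dc=checker,dc=mydomain,dc=com
objectClass: dcObject
objectClass: organization
dc: checker
o: checker

dn: cn=admin,dc=checker,dc=mydomain,dc=com
objectClass: organizationalRole
objectClass: simpleSecurityObject
cn: admin
userPassword: {SSHA}REPLACE_WITH_SLAPPASSWD_OUTPUT

# Constructed example, part 2: ACLs. Apply to cn=config with ldapmodify.
# The database DN below is an assumption; check yours under cn=config.
# Each admin gets manage access to its own subtree only. "by * break"
# lets every other identity fall through to the ACLs already in place,
# so existing rules (such as anonymous auth on userPassword) still apply.
# Continuation lines start with two spaces: LDIF strips the first, the
# second separates the clauses.
dn: olcDatabase={2}mdb,cn=config
changetype: modify
add: olcAccess
olcAccess: {0}to dn.subtree="dc=corporate,dc=mydomain,dc=com"
  by dn.exact="cn=admin,dc=corporate,dc=mydomain,dc=com" manage
  by * break
olcAccess: {1}to dn.subtree="dc=checker,dc=mydomain,dc=com"
  by dn.exact="cn=admin,dc=checker,dc=mydomain,dc=com" manage
  by * break
```

Because neither entry is a rootdn, both remain subject to ACL evaluation, so a compromise of one admin credential does not grant access to the other subtree.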


Openldap version / behavior with duplicates

2023-10-03 Thread maudez . eric
Hello,
I notice a different behavior between versions OpenLDAP 2.4 and OpenLDAP 2.6
for synchronization management and duplicates.
In the version OpenLDAP 2.4, there is no error when duplicates are found
(different branch in openldap) during synchronizations (syncrepl).
With version OpenLDAP 2.6, synchronizations are in error.
Do you know why?