Full_Name: Bastien Bonnefon Version: 2.4.39 OS: CentOS 7 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (194.2.202.93)
Hi,
I have installed openldap as meta directory to request multiple Active Directory. I have managed to install and make it work with dynamic configuration or slapd.conf. But one of the applications accessing the directory needs paged results due to the large amount of entries returned.
So I've searched and found the directive "client-pr", which seems to have been enabled since this case : http://www.openldap.org/its/index.cgi/Software%20Enhancements?id=6664;page=4
The directive is also dcribibed in the slapd-meta man page : http://www.openldap.org/software/man.cgi?query=slapd-meta&apropos=0&...
However, enabling the feature in slapd.conf (I just can't in olc format) doesn't work. Syslog shows this : "unknown directive <client-pr> inside backend database definition"
I've started testing with CentOS 7 and package openldap 2.4.39 I've then tried with Debian Wheezy and Ubuntu 14.04 (package slapd 2.4.31) I've also tried installing openldap from the source with the version 2.4.24 (client-pr should have been enabled in this version due to ITS#6664) => no way :/
I think I've declared the directive as specified in the man page but maybe I miss something. I have not found any other report on the web on how to use "client-pr". Thank you for your help.
Here is my slapd.conf
# Include include /etc/ldap/schema/core.schema include /etc/ldap/schema/cosine.schema include /etc/ldap/schema/inetorgperson.schema include /etc/ldap/schema/nis.schema
pidfile /var/run/slapd/slapd.pid argsfile /var/run/slapd/slapd.args
# Modules moduleload back_ldap.la moduleload back_meta.la
# Database meta database meta suffix "dc=meta,dc=local"
rootdn "cn=Manager,dc=meta,dc=local" rootpw secret_password1
# First directory uri "ldap://192.168.0.1/ou=test1,dc=meta,dc=local" client-pr accept-unsolicited lastmod off suffixmassage "ou=test1,dc=meta,dc=local" "dc=test1,dc=local" idassert-bind bimemethod=simple binddn="cn=openldap,OU=users,OU=TEST,dc=test1,dc=local" credentials="secret_password2" mode=none flags=non-prescriptive idassert-authzFrom "dn.exact:cn=Manager,dc=meta,dc=local" chase-referrals no acl-authcDN cn=openldap,OU=users,OU=TEST,dc=test1,dc=local acl-passwd secret_password2
# Second Directory uri "ldap://192.168.0.2/ou=test2,dc=meta,dc=local" client-pr accept-unsolicited lastmod off suffixmassage "ou=test2,dc=meta,dc=local" ,%c=test2,dc=local" idassert-bind bindmethod=simple binddn="cn=openldap,OU=users,OU=TEST,dc=test2,dc=local" credentials="secret_password3" mode=none flags=non-prescriptive idassert-authzFrom "dn.exact:cn=Manager,dc=meta,dc=local" chase-referrals no acl-authcDN "cn=openldap,OU=users,OU=TEST,dc=test2,dc=local" acl-passwd secret_password3
idletimeout 1800