Christian Roessner christian@roessner-net.com writes:
Hi, once again,
[...]
: config_add_internal: DN="olcDatabase={0}ldap,olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config" no structural objectClass add function config error processing olcDatabase={0}ldap,olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config: send_ldap_result: conn=-1 op=0 p=0 send_ldap_result: err=65 matched="" text="" slapd destroy: freeing system resources. slapd stopped. connections_destroy: nothing to destroy.
Hm, error=65 is objectclass violation, what attributes did you put into olcDatabase={0}ldap,olcOverlay={0}chain
Here is, what I added to th consumer to get the chain overlay added:
dn: olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config changetype: add objectClass: olcOverlayConfig objectClass: olcChainConfig olcOverlay: {0}chain
dn: olcDatabase=ldap,olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config changetype: add objectClass: olcLDAPConfig objectClass: olcChainDatabase olcDBURI: ldap://10.1.0.3/ olcDbIDAssertBind: bindmethod=simple binddn="cn=admin,dc=roessner-net,dc=de" credentials=********** mode=self
@Dieter: You have shown me your chain solution. You do have two ldap-directives under chain. Could this be the problem here?
If you don't have 2 ldap entries, it might be a problem, but I'm not sure. olcDatabase{0}ldap contains general back-ldap database related attributes, like startTLS, proxyWhoAmI and so forth. olcDatabase{1}ldap contains back-ldap chain database related attributes. But, as said, I have not much experience in chaining configuration, but mine does what it should do. By the way openldap version are you running? I remember vaguely some chain ITS have been fixed recently.
[...]
-Dieter