Something isnt clear to me, on A I got the following slapd.conf:<br><br>database&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; hdb<br>suffix&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &quot;dc=example,dc=com&quot;<br><br>database ldap<br>suffix&nbsp;&nbsp; &quot;dc=B,ou=Subs,dc=example,dc=com&quot;<br>uri&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &quot;ldap://B/&quot;<br>
idassert-bind bindmethod=simple<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; binddn=&quot;dc=example,dc=com&quot;<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; credentials=[password in clear text]<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; authzID=&quot;dn:cn=Manager,dc=example,dc=com&quot;<br><br>And on B I got the following setup:<br>
<br>database&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; hdb<br>
suffix&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &quot;dc=example,dc=com&quot;<br><br>When I start slapd on A I get:<br><br>/etc/openldap/slapd.conf: line 87: &lt;suffix&gt; namingContext &quot;dc=B,ou=Subs,dc=example,dc=com&quot; already served by a preceding hdb database serving namingContext &quot;dc=example,dc=com&quot;.<br>
<br>Isnt it possible to set a database as a branch of another ?<br><br><br><div class="gmail_quote"><div><div class="Wj3C7c">&quot;Or Goshen&quot; &lt;<a href="mailto:oberonc@gmail.com">oberonc@gmail.com</a>&gt; writes:<br>

<br>
&gt; Hello<br>
&gt;<br>
&gt; I have the following situation and would like to know your opinion on the<br>
&gt; matter:<br>
&gt;<br>
&gt; I have 2 slapd servers A and B, both require simple authentication and are not<br>
&gt; open for anonymous access.<br>
&gt; What I would like to do is setup a node on A that would reference the root of<br>
&gt; B and would allow me to perform read/write to it.<br>
&gt;<br>
&gt; I tried so far:<br>
&gt;<br>
&gt; 1. Setup a &quot;referral&quot; objectClass on A in the following manner:<br>
&gt;<br>
&gt; dn: dc=B,ou=Subservers,dc=example,dc=com<br>
&gt; dc: B<br>
&gt; objectClass: referral<br>
&gt; objectClass: extensibleObject<br>
&gt; ref: ldap://B/dc=example,dc=com<br>
&gt;<br>
&gt; That didnt work since B requires authentication. So I tried this:<br>
&gt;<br>
&gt; dn: dc=B,ou=Subservers,dc=example,dc=com<br>
&gt; dc: B<br>
&gt; objectClass: referral<br>
&gt; objectClass: extensibleObject<br>
&gt; ref: ldap://??B??!bindname=cn=Manager%2cdc=example%2cdc=com/dc=example,dc=com<br>
&gt;<br>
&gt; Didnt work either (authentication extension not supported ?).<br>
&gt;<br>
&gt; 2. slapd apparently supports an &quot;ldap&quot; backend/database. Problem is that there<br>
&gt; is no real documentation here or here on how to set them up. Anybody ever<br>
&gt; setup such a database/backend ? does it support authentication ? any examples<br>
&gt; I can take a look at ?<br>
&gt;<br>
&gt; I dont want to replication B on A, I just want to act as a proxy.<br>
<br>
</div></div>There is plenty of information on back-ldap available,<br>
<div class="Ih2E3d"><a href="http://www.openldap.org/faq/data/cache/532.html" target="_blank">http://www.openldap.org/faq/data/cache/532.html</a><br>
<br>
</div>For more details see man slapd-ldap(5), man slapd-meta(5) and try<br>
to glue databases, following &nbsp;configfuration is just a simple hint<br>
<br>
database bdb<br>
suffix dc=A,ou=subservers,dc=example,dc=com<br>
...<br>
subordinate<br>
<br>
database ldap<br>
suffix ou=subservers,dc=example,dc=com<br>
uri ldap://host.example.com<br>
...<br>
<br>
-Dieter<br>
<font color="#888888"><br>
--<br>
Dieter Klünter | Systemberatung<br>
<a href="http://www.dkluenter.de" target="_blank">http://www.dkluenter.de</a><br>
GPG Key ID:8EF7B6C6<br>
</font></div><br>