Hi, once again,
Under the covers, the chain overlay creates a private back-ldap instance. For dynamically adding with cn=config, you have to create this instance yourself. See the later section of test022-ppolicy in the test suite for an example of how this is done.
yesterday I told you that everything worked after setting up the chain overlay. I could change objects on the consumer side that got redirected to the provider.
Yesterday, I stopped the consumer side and tried to start it this day. But suddenly I get the follwing errors:
=> access_allowed: search access to "olcDatabase={0}ldap,olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config" "objectClass" requested <= root access granted => access_allowed: search access granted by manage(=mwrscxd) <= test_filter 6 slapd-chain: first underlying database "olcDatabase={0}ldap,olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config" cannot contain attribute "olcDbURI". : config_add_internal: DN="olcDatabase={0}ldap,olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config" no structural objectClass add function config error processing olcDatabase={0}ldap,olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config: send_ldap_result: conn=-1 op=0 p=0 send_ldap_result: err=65 matched="" text="" slapd destroy: freeing system resources. slapd stopped. connections_destroy: nothing to destroy.
Here is, what I added to th consumer to get the chain overlay added:
dn: olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config changetype: add objectClass: olcOverlayConfig objectClass: olcChainConfig olcOverlay: {0}chain
dn: olcDatabase=ldap,olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config changetype: add objectClass: olcLDAPConfig objectClass: olcChainDatabase olcDBURI: ldap://10.1.0.3/ olcDbIDAssertBind: bindmethod=simple binddn="cn=admin,dc=roessner-net,dc=de" credentials=********** mode=self
@Dieter: You have shown me your chain solution. You do have two ldap-directives under chain. Could this be the problem here?
This is my directory structure on the consumer side:
./cn=config: -rw------- 1 openldap openldap 405 2009-07-19 20:40 cn=module{0}.ldif drwxr-x--- 2 openldap openldap 4096 2009-07-01 14:57 cn=schema -rw-r----- 1 openldap openldap 307 2009-07-01 14:25 cn=schema.ldif drwxr-x--- 3 openldap openldap 4096 2009-07-26 11:20 olcDatabase={-1}frontend -rw-r----- 1 openldap openldap 390 2009-07-01 14:25 olcDatabase={-1}frontend.ldif -rw-r----- 1 openldap openldap 406 2009-07-01 14:25 olcDatabase={0}config.ldif -rw------- 1 openldap openldap 1741 2009-07-02 09:46 olcDatabase={1}hdb.ldif
./cn=config/olcDatabase={-1}frontend: drwxr-x--- 2 openldap openldap 4096 2009-07-26 11:20 olcOverlay={0}chain -rw------- 1 openldap openldap 373 2009-07-26 11:20 olcOverlay={0}chain.ldif
./cn=config/olcDatabase={-1}frontend/olcOverlay={0}chain: -rw------- 1 openldap openldap 510 2009-07-26 11:20 olcDatabase={0}ldap.ldif
Thanks alto for your help in advance.
Christian