Douglas B. Jones wrote:
I am on 2.3.33 and I am trying to fix it so that people with an old base of o=gpc,c=us will automatically be given the results from the base dc=employee,dc=gpc,dc=edu. From the slapd-relay doc., I first tried:
database relay suffix "o=gpc,c=us" relay "dc=employee,dc=gpc,dc=edu"
slapd-relay doesn't rewrite things for you unless you instruct it to do so, e.g. by adding the "massage" keyword after the relayed naming context, e.g.
database relay suffix "o=gpc,c=us" relay "dc=employee,dc=gpc,dc=edu" massage
as clearly indicated in the documentation.
and tried a lookup with the command:
ldapsearch -b o=gpc,c=us uid=someone cn
and I get:
result: 53 Server is unwilling to perform
If I change the config. file to:
database relay suffix "o=gpc,c=us" overlay rwm suffixmessage "dc=employee,dc=gpc,dc=edu"
"suffixmessage" is an invalid statement (2.4 would throw you out; unfortunately 2.3 only complains if you enable "-d config" and that's it). Try "suffixmassage" instead, as clearly suggested in the documentation.
and try the same command, the slapd process disappears and no core file is found (I did a find on the whole system for anything with '*core*' in it.
You likely need to "ulimit -c unlimited" to remove core size limitations in your shell.
The output to the terminal is:
ldap_result: Can't contact LDAP server (-1)
and the logs have:
Jan 26 09:38:37 mldap slapd[19110]: conn=0 op=1 SRCH base="o=gpc,c=us" scope=2 d eref=0 filter="(uid=someone)" Jan 26 09:38:37 mldap slapd[19110]: conn=0 op=1 SRCH attr=cn
When I start slapd back up, it says in the logs:
Jan 26 09:42:55 mldap slapd[19149]: bdb_db_open: unclean shutdown detected; atte mpting recovery.
and works fine otherwise. I can stop and restart and the warning does not appear again - as expected (unless of course I do the same experiment again).
I am sort of new to the linux (RHEL4) environment, so I am not really sure where I should go from here. On tru64, I can attach to a process, slapd in this case, I am not sure how to do that in linux.
The two examples I used above came from the slapd-relay man page, as far as I can tell, with just what they had. Thanks for any help!
You can't just take a fraction of the examples, ignore essential bits and just complain they don't work. There were two examples in slapd-relay(5), they both work, as tested in test030 (which I hope is passing in your build, and you could have taken as a guideline in configuring your system), and you were able to screw both. The fact they don't get bounced at startup is not directly related to slapd-relay(5) itself, but rather to the way slapd up to 2.3 included handles syntax errors (actually, doesn't handle stale incorrect statements). Fortunately this changed in 2.4 (and we fear the number of complains about incorrect slapd.conf which used to work besides being incorrect, and do not work any more...).
p.