Hi there,
I need to add another rootdn in the same LDAP server. The goal is to separate two organizations' LDAP authentication.
Let's say I have these two rootdns (in the file slapd.conf):
database dbd
suffix "dc=companya,dc=com"
rootdn "cn=CompanyAManager,dc=companya,dc=com"
rootpw {SSHA}as98dyasdhasiduhasiudhashdas
directory /var/lib/ldap/companya

database dbd
suffix "dc=companyb,dc=com"
rootdn "cn=CompanyBManager,dc=companyb,dc=com"
rootpw {SSHA}aoshdsadhsaodasdhasdhasih
directory /var/lib/ldap/companyb
Any pointers or advice are really appreciated :)
Thank you all.
Regards, Rudy Setiawan
Each suffix has its own rootdn/rootpw. So assuming that you actually wrote a "dbd" backend (or perhaps mean "bdb"?), I think that would be a perfectly valid slapd.conf segment.
If you're looking for companya to write to companyb, or vice versa, see the slapd.access(5) man page.
On Thu, 21 Dec 2006, Rudy Setiawan wrote:
database dbd
suffix "dc=companya,dc=com"
rootdn "cn=CompanyAManager,dc=companya,dc=com"
rootpw {SSHA}as98dyasdhasiduhasiudhashdas
directory /var/lib/ldap/companya

database dbd
suffix "dc=companyb,dc=com"
rootdn "cn=CompanyBManager,dc=companyb,dc=com"
rootpw {SSHA}aoshdsadhsaodasdhasdhasih
directory /var/lib/ldap/companyb
Hi Aaron,
Oh yeah, sorry about that, dbd was misspelled :)
It actually created the new dn for me.
I did have the two different rootdn/rootpw, but when I tried to create a new ou within the new companyb, it'll give me an error:
bdb_db_init: Initializing BDB database
bdb_db_init: Initializing BDB database
str2entry: entry -1 has multiple DNs "dc=companyb,dc=com" and "ou=people,dc=companyb,dc=com"
the ldif.text:
dn: dc=companyb,dc=com
dc: companyb
description: CompanyB
objectClass: dcObject
objectClass: organization
o: CompanyB
dn: ou=people,dc=companyb,dc=com
ou: people
description: People with LDAP access
I might have done something wrong with the above ldif.
Thank you.
Regards, Rudy Setiawan
On 12/21/06, Aaron Richton richton@nbcs.rutgers.edu wrote:
Each suffix has its own rootdn/rootpw. So assuming that you actually wrote a "dbd" backend (or perhaps mean "bdb"?), I think that would be a perfectly valid slapd.conf segment.
If you're looking for companya to write to companyb, or vice versa, see the slapd.access(5) man page.
That's pretty far off from reality. You should probably read RFC2849 and the man pages for ldapadd/ldapmodify/ldapdelete, to get started.
-- +++++++++ Booo
openldap-software@openldap.org
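
Added example, not part of the original thread: a small Python check that splits LDIF into records the way RFC 2849 defines them and reports the fault behind the "multiple DNs" error above, plus any entry that has no objectClass. The names parse_records, check_ldif, POSTED and FIXED are this example's own, and the objectClass: organizationalUnit line in the corrected input is an assumption about what the ou entry was meant to be.

```python
def parse_records(text):
    """Split LDIF into records, each a list of (attr, value), per RFC 2849."""
    records, current = [], []
    for line in text.splitlines():
        if line == "":                        # only an empty line ends a record
            records.append(current)
            current = []
        elif line.startswith(" "):            # folded line continues the previous one
            if current:
                current[-1] = (current[-1][0], current[-1][1] + line[1:])
        else:                                 # "attr: value", "attr:: b64" or a comment
            attr, _, value = line.partition(":")
            current.append((attr.strip().lower(), value.lstrip(":< ").strip()))
    records.append(current)
    return [r for r in records if r]

def check_ldif(text):
    """Return (record_no, dn, problem) for the two faults in the thread's LDIF."""
    findings = []
    for number, record in enumerate(parse_records(text), start=1):
        entries = []                          # one attribute list per dn: line
        for attr, value in record:
            if attr.startswith("#") or attr == "version":
                continue                      # comments and version-spec are not data
            if attr == "dn" or not entries:
                entries.append([])
            entries[-1].append((attr, value))
        if len(entries) > 1:
            findings.append((number, entries[0][0][1],
                             "multiple DNs, no empty line before dn: " + entries[1][0][1]))
        for entry in map(dict, entries):
            if not entry.keys() & {"objectclass", "changetype"}:
                findings.append((number, entry.get("dn"), "no objectClass attribute"))
    return findings

# The LDIF as posted in the thread: no empty line between the two entries.
POSTED = """\
dn: dc=companyb,dc=com
dc: companyb
description: CompanyB
objectClass: dcObject
objectClass: organization
o: CompanyB
dn: ou=people,dc=companyb,dc=com
ou: people
description: People with LDAP access
"""
# Constructed correction (assumption): separator added, objectClass supplied.
FIXED = POSTED.replace("\ndn: ou=", "\n\ndn: ou=") + "objectClass: organizationalUnit\n"
```

A line that holds only a space is treated as a continuation, not a separator, so an LDIF whose "blank" lines contain whitespace is reported the same way as the posted one.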