We are attempting to setup a configuration that would allow us to bind/search 2 different back-ends with 2 completely different suffixes. Below is our configuration and the error we get back. We are able to connect to both back-ends provided the other is commented out in the slapd.conf file so we are sure the suffix change works for both targets.
[slapd.conf] database meta suffix "dc=virtual" lastmod off #rebind-as-user
uri "ldap://foo.wuaddev.wustl.edu/dc=virtual" suffixmassage "dc=virtual" "ou=Users,ou=Persons,dc=wuaddev,dc=wustl,dc=edu"
#uri "ldap://bar.wustl.edu/dc=virtual" #suffixmassage "dc=virtual" "OU=users,OU=ais"
[search command] -bash-3.00# ldapsearch -h localhost -v -b 'dc=virtual' -s sub -D 'cn=ssbinduser,dc=virtual' -w 'foobar' 'cn=ssbinduser' ldapsearch: started Tue Jun 17 13:28:59 2008
ldap_init( localhost, 389 ) ldap_simple_bind: Operations error
[Debug output of /usr/local/libexec/slapd] Ldap Err: DSID-0C0906 2B, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece.
This error comes from the remote LDAP server not accepting the bind request successfully.
Your insight is greatly appreciated.
Regards, Dan