We are attempting to setup a configuration that would allow us to bind/search 2 different back-ends with 2 completely different suffixes.  Below is our configuration and the error we get back.  We are able to connect to both back-ends provided the other is commented out in the slapd.conf file so we are sure the suffix change works for both targets.

[slapd.conf]
database        meta
suffix          "dc=virtual"
lastmod         off
#rebind-as-user

uri             "ldap://foo.wuaddev.wustl.edu/dc=virtual"
suffixmassage   "dc=virtual" "ou=Users,ou=Persons,dc=wuaddev,dc=wustl,dc=edu"

#uri            "ldap://bar.wustl.edu/dc=virtual"
#suffixmassage  "dc=virtual" "OU=users,OU=ais"


[search command]
-bash-3.00# ldapsearch -h localhost -v -b 'dc=virtual' -s sub -D 'cn=ssbinduser,dc=virtual' -w 'foobar' 'cn=ssbinduser'
ldapsearch: started Tue Jun 17 13:28:59 2008

ldap_init( localhost, 389 )
ldap_simple_bind: Operations error

[Debug output of /usr/local/libexec/slapd]
Ldap Err: DSID-0C0906 2B, comment: In order to perform  this operation a successful bind must be completed on the connection., data 0, vece.

This error comes from the remote LDAP server not accepting the bind request successfully.

Your insight is greatly appreciated.

Regards,
Dan