2011/11/17 Jeffrey Crawford jeffreyc@ucsc.edu
I think you may actually want is slapo-translucent, Basically it's aproxy overlay with added local data on top of a bdb or hdb backend On Wed, Nov 16, 2011 at 8:27 AM, benoit ldap.benben@gmail.com wrote:
Hello Matheus, i don't want to propagate change to the master server and schema: i can't (no write access permission to it). I want my slave to continue replicate from the master and to be able to
add
new objects and add new attributes to existing one. thank you 2011/11/16 xsun matheus.morais@gmail.com
Sorry but I did not understand what is your problem. If you want to write on your 'slave' and want that change propagated to all your servers, then you should search at slapd.conf manual for the updateref option.
On Wed, Nov 16, 2011 at 12:08 PM, benoit ldap.benben@gmail.com wrote:
Hello, I have setup a ldap replicate, replicating data from an offsite ldap master. Replication is ok, but being a consumer replicate, my ldap
server is
read only. I need to add and modify attributes to this replicate, but i have no write access to the master and ldap master admin won't change/update schemas... From the guide, i can't figure if it's possible. Please, let me know what solution i have (on any Linux distro). thanks Ben,
Hello,
thank you for your answer and sorry for my late answer. Actually, i managed to install proxy.exemple.fr, a translucent proxy to remote directory. When i query the proxy, it returns me entry from the remote directory as expected: $>ldapsearch -LLL -H ldap://proxy.exemple.fr -x -b "ou=people,dc=exemple, dc=fr" '(uid=bob)' dn: uid=bob,ou=people,dc=exemple,dc=fr ... uid: bob telephoneNumber: +01234567891
But i don't understand how to add modify entry on the local proxy database. I tried to do from what i understood from the man pages and howto,but it's not working as expected. I get an error when i laucn the following command on the empty proxy(slapcat returns nothing) $>ldapmodify -x -W -D "cn=manager,dc=exemple,dc=fr" -H ldap:// proxy.exemple.fr Enter LDAP Password: dn: uid=bob,ou=people,dc=exemple,dc=fr changetype:modify replace:telephoneNumber telephoneNumber:+000000000000
modifying entry "uid=bob,ou=people,dc=exemple,dc=fr" ldap_modify: No such object (32) additional info: attempt to modify nonexistent local record $>ldapmodify -x -W -D "cn=manager,dc=exemple,dc=fr" -H ldap:// proxy.exemple.fr Enter LDAP Password: dn: uid=bob,ou=people,dc=exemple,dc=fr changetype:modify add:telephoneNumber1 telephoneNumber1:+00000000000
modifying entry "uid=bob,ou=people,dc=exemple,dc=fr" ldap_modify: No such object (32) additional info: attempt to modify nonexistent local record
I need to add an entry to the local database with new or modified attribute. $>ldapmodify -x -W -D "cn=manager,dc=exemple,dc=fr" -H ldap:// proxy.exemple.fr Enter LDAP Password: Enter LDAP Password: dn: uid=bob,ou=people,dc=exemple,dc=fr changetype:add telephoneNumber:+000000000000 telephoneNumber1:+00000000000
A query to the proxy returns me the new and modified attributes correctly: $>ldapsearch -LLL -H ldap://proxy.exemple.fr -x -b "ou=people,dc=exemple, dc=fr" '(uid=bob)' dn: uid=bob,ou=people,dc=exemple,dc=fr ... uid: bob telephoneNumber: +000000000000 telephoneNumber1: +00000000000
But even with an entry in the local database, i can't replace or add attribute: $>ldapmodify -x -W -D "cn=manager,dc=exemple,dc=fr" -H ldap:// proxy.exemple.fr Enter LDAP Password: dn: uid=bob,ou=people,dc=exemple,dc=fr changetype:modify replace:telephoneNumber telephoneNumber:+666666666
modifying entry "uid=bob,ou=people,dc=exemple,dc=fr" ldap_modify: No such object (32) additional info: attempt to modify nonexistent local record
$>ldapmodify -x -W -D "cn=manager,dc=exemple,dc=fr" -H ldap:// proxy.exemple.fr Enter LDAP Password: dn: uid=bob,ou=people,dc=exemple,dc=fr changetype:modify add:telephoneNumber2 telephoneNumber2:+2222222222222
modifying entry "uid=bob,ou=people,dc=exemple,dc=fr" ldap_modify: No such object (32) additional info: attempt to modify nonexistent local record
Please, help me understand the way translucent works.
remote dir: debian_version 5.0.6 slapd 2.4.11 (Jul 23 2010 21:37:26) $
###########################################""" translucent proxy: debian_version 6.0.3 OpenLDAP: slapd 2.4.23 (Jun 15 2011 13:31:57) $
#translucent conf partial extract: backend bdb database bdb suffix "dc=exemple,dc=fr" rootdn "cn=manager,dc=exemple,dc=fr" rootpw {SHA}YQn44Y9lEocMG= directory /var/lib/ldap lastmod off overlay translucent uri "ldap://remote.exemple.fr" acl-bind binddn="cn=manager,dc=exemple,dc=fr" credentials="{SHA}YQn44Y9lEocMG="