2011/11/17 Jeffrey Crawford <jeffreyc@ucsc.edu>
I think you may actually want is slapo-translucent, Basically it's
aproxy overlay with added local data on top of a bdb or hdb backend
On Wed, Nov 16, 2011 at 8:27 AM, benoit <ldap.benben@gmail.com> wrote:
> Hello Matheus,
> i don't want to propagate change to the master server and schema: i can't
> (no write access permission to it).
> I want my slave to continue replicate from the master and to be able to add
> new objects and add new attributes to existing one.
> thank you
> 2011/11/16 xsun <matheus.morais@gmail.com>
>>
>> Sorry but I did not understand what is your problem.
>> If you want to write on your 'slave' and want that change propagated to
>> all your servers, then you should search at slapd.conf manual for the
>> updateref option.
>>
>> On Wed, Nov 16, 2011 at 12:08 PM, benoit <ldap.benben@gmail.com> wrote:
>>>
>>> Hello,
>>> I have setup a ldap replicate, replicating data from an offsite ldap
>>> master. Replication is ok, but being a consumer replicate, my ldap server is
>>> read only.
>>> I need to add and modify attributes to this replicate, but i have no
>>> write access to the master and ldap master admin won't change/update
>>> schemas...
>>> From the guide, i can't figure if it's possible.
>>> Please, let me know what solution i have (on any Linux distro).
>>> thanks
>>> Ben,
>
>

Hello,

thank you for your answer and sorry for my late answer.
Actually, i managed to install proxy.exemple.fr, a translucent proxy to remote directory.
When i query the proxy, it returns me entry from the remote directory as expected:
$>ldapsearch -LLL -H ldap://proxy.exemple.fr -x -b "ou=people,dc=exemple, dc=fr" '(uid=bob)' 
dn: uid=bob,ou=people,dc=exemple,dc=fr
...
uid: bob
telephoneNumber: +01234567891

But  i don't understand how to add modify entry on the local proxy database. I tried to do from what i understood from the man pages and howto,but 
it's not working as expected.
I get an error when i laucn the following command on the empty proxy(slapcat returns nothing)
$>ldapmodify -x -W -D "cn=manager,dc=exemple,dc=fr" -H ldap://proxy.exemple.fr  
Enter LDAP Password: 
dn: uid=bob,ou=people,dc=exemple,dc=fr
changetype:modify
replace:telephoneNumber
telephoneNumber:+000000000000   

modifying entry "uid=bob,ou=people,dc=exemple,dc=fr"
ldap_modify: No such object (32)
        additional info: attempt to modify nonexistent local record
$>ldapmodify -x -W -D "cn=manager,dc=exemple,dc=fr" -H ldap://proxy.exemple.fr  
Enter LDAP Password: 
dn: uid=bob,ou=people,dc=exemple,dc=fr
changetype:modify
add:telephoneNumber1
telephoneNumber1:+00000000000

modifying entry "uid=bob,ou=people,dc=exemple,dc=fr"
ldap_modify: No such object (32)
        additional info: attempt to modify nonexistent local record

I need to add an entry to the local database with new or modified attribute.
$>ldapmodify -x -W -D "cn=manager,dc=exemple,dc=fr" -H ldap://proxy.exemple.fr  
Enter LDAP Password: 
Enter LDAP Password: 
dn: uid=bob,ou=people,dc=exemple,dc=fr
changetype:add
telephoneNumber:+000000000000
telephoneNumber1:+00000000000

A query to the proxy returns me the new and modified attributes correctly:
$>ldapsearch -LLL -H ldap://proxy.exemple.fr -x -b "ou=people,dc=exemple, dc=fr" '(uid=bob)' 
dn: uid=bob,ou=people,dc=exemple,dc=fr
...
uid: bob
telephoneNumber: +000000000000
telephoneNumber1: +00000000000

But even with an entry in the local database, i can't replace or add attribute:
$>ldapmodify -x -W -D "cn=manager,dc=exemple,dc=fr" -H ldap://proxy.exemple.fr  
Enter LDAP Password: 
dn: uid=bob,ou=people,dc=exemple,dc=fr
changetype:modify
replace:telephoneNumber
telephoneNumber:+666666666

modifying entry "uid=bob,ou=people,dc=exemple,dc=fr"
ldap_modify: No such object (32)
        additional info: attempt to modify nonexistent local record

$>ldapmodify -x -W -D "cn=manager,dc=exemple,dc=fr" -H ldap://proxy.exemple.fr  
Enter LDAP Password: 
dn: uid=bob,ou=people,dc=exemple,dc=fr
changetype:modify
add:telephoneNumber2
telephoneNumber2:+2222222222222

modifying entry "uid=bob,ou=people,dc=exemple,dc=fr"
ldap_modify: No such object (32)
        additional info: attempt to modify nonexistent local record

Please, help me understand the way translucent works.

remote dir:
debian_version 5.0.6
slapd 2.4.11 (Jul 23 2010 21:37:26) $

###########################################"""
translucent proxy:
debian_version 6.0.3
OpenLDAP: slapd 2.4.23 (Jun 15 2011 13:31:57) $


#translucent conf partial extract:
backend         bdb
database        bdb
suffix          "dc=exemple,dc=fr"
rootdn          "cn=manager,dc=exemple,dc=fr"
rootpw          {SHA}YQn44Y9lEocMG=
directory       /var/lib/ldap
lastmod     off
overlay     translucent
uri         "ldap://remote.exemple.fr
acl-bind    binddn="cn=manager,dc=exemple,dc=fr" credentials="{SHA}YQn44Y9lEocMG="