2011/11/17 Jeffrey Crawford <jeffreyc@ucsc.edu>
I think what you may actually want is slapo-translucent. Basically it's
a proxy overlay with added local data on top of a bdb or hdb backend.
On Wed, Nov 16, 2011 at 8:27 AM, benoit <ldap.benben@gmail.com> wrote:
> Hello Matheus,
> I don't want to propagate changes to the master server and schema: I can't
> (no write access permission to it).
> I want my slave to continue replicating from the master and to be able to add
> new objects and add new attributes to existing ones.
> Thank you
> 2011/11/16 xsun <matheus.morais@gmail.com>
>>
>> Sorry but I did not understand what is your problem.
>> If you want to write on your 'slave' and want that change propagated to
>> all your servers, then you should search at slapd.conf manual for the
>> updateref option.
>>
>> On Wed, Nov 16, 2011 at 12:08 PM, benoit <ldap.benben@gmail.com> wrote:
>>>
>>> Hello,
>>> I have set up an LDAP replicate, replicating data from an offsite LDAP
>>> master. Replication is OK, but being a consumer replicate, my LDAP server is
>>> read only.
>>> I need to add and modify attributes on this replicate, but I have no
>>> write access to the master and the LDAP master admin won't change/update
>>> schemas...
>>> From the guide, I can't figure out if it's possible.
>>> Please let me know what solutions I have (on any Linux distro).
>>> Thanks
>>> Ben,
>
>
Hello,
Thank you for your answer, and sorry for my late reply.
Actually, I managed to install proxy.exemple.fr, a translucent proxy to the remote directory.
When I query the proxy, it returns the entry from the remote directory as expected:
$>ldapsearch -LLL -H ldap://proxy.exemple.fr -x -b "ou=people,dc=exemple, dc=fr" '(uid=bob)'
dn: uid=bob,ou=people,dc=exemple,dc=fr
...
uid: bob
telephoneNumber: +01234567891
But I don't understand how to add or modify an entry on the local proxy database. I tried to do it from what I understood from the man pages and howto, but it's not working as expected.
I get an error when I launch the following command on the empty proxy (slapcat returns nothing):
Enter LDAP Password:
dn: uid=bob,ou=people,dc=exemple,dc=fr
changetype:modify
replace:telephoneNumber
telephoneNumber:+000000000000
modifying entry "uid=bob,ou=people,dc=exemple,dc=fr"
ldap_modify: No such object (32)
additional info: attempt to modify nonexistent local record
Enter LDAP Password:
dn: uid=bob,ou=people,dc=exemple,dc=fr
changetype:modify
add:telephoneNumber1
telephoneNumber1:+00000000000
modifying entry "uid=bob,ou=people,dc=exemple,dc=fr"
ldap_modify: No such object (32)
additional info: attempt to modify nonexistent local record
I need to add an entry to the local database with the new or modified attributes.
Enter LDAP Password:
Enter LDAP Password:
dn: uid=bob,ou=people,dc=exemple,dc=fr
changetype:add
telephoneNumber:+000000000000
telephoneNumber1:+00000000000
A query to the proxy returns the new and modified attributes correctly:
$>ldapsearch -LLL -H ldap://proxy.exemple.fr -x -b "ou=people,dc=exemple, dc=fr" '(uid=bob)'
dn: uid=bob,ou=people,dc=exemple,dc=fr
...
uid: bob
telephoneNumber: +000000000000
telephoneNumber1: +00000000000
But even with an entry in the local database, I can't replace or add an attribute:
Enter LDAP Password:
dn: uid=bob,ou=people,dc=exemple,dc=fr
changetype:modify
replace:telephoneNumber
telephoneNumber:+666666666
modifying entry "uid=bob,ou=people,dc=exemple,dc=fr"
ldap_modify: No such object (32)
additional info: attempt to modify nonexistent local record
Enter LDAP Password:
dn: uid=bob,ou=people,dc=exemple,dc=fr
changetype:modify
add:telephoneNumber2
telephoneNumber2:+2222222222222
modifying entry "uid=bob,ou=people,dc=exemple,dc=fr"
ldap_modify: No such object (32)
additional info: attempt to modify nonexistent local record
Please help me understand the way translucent works.
remote dir:
debian_version 5.0.6
slapd 2.4.11 (Jul 23 2010 21:37:26) $
###########################################
translucent proxy:
debian_version 6.0.3
OpenLDAP: slapd 2.4.23 (Jun 15 2011 13:31:57) $
#translucent conf partial extract:
backend bdb
database bdb
suffix "dc=exemple,dc=fr"
rootdn "cn=manager,dc=exemple,dc=fr"
rootpw {SHA}YQn44Y9lEocMG=
directory /var/lib/ldap
lastmod off
overlay translucent
acl-bind binddn="cn=manager,dc=exemple,dc=fr" credentials="{SHA}YQn44Y9lEocMG="