Rakesh Yadav wrote:
I want to establish communication between two ldap servers at different machines. For this i have used "ref attribute of ldap" by using this attribute, i am
Not sure what you mean, but I presume you're using the LDAP referral mechanism.
able to retrieve entries of second ldap server. Means i can read or search entries of second server from first ldap server.
But the problem comes when i want to modify any attribute of an entry of second server from the first server.
Definitely i am having some access permissions related error.
Here i am attaching slapd.conf files of both ldap servers.
*First Server* *slapd.conf:*
(snip)
*access to * by * write*
^^^ not a wise policy, I hope it's just for testing. In any case you can't have any access privilege issue with it. Granted.
*Second server's slapd.conf:*
(snip)
*access to * by * write*
^^^ same as above
*FIRST LADP SERVER DN*:
fn=test_ref,fn=bioinfo,fn=gstorage,fn=gfs,dc=cdac,dc=in
where *test_ref* is having *ref* attribute
dn: fn=test_ref,fn=bioinfo,fn=gstorage,fn=gfs,dc=cdac,dc=in objectClass: referral objectClass: extensibleObject fn: test_ref ref: ldap://192.168.5.243/fn=test_ref,dc=cdac,dc=in
*NOW SECOND LDAP SERVER is having DN*:
dn: fn=test1,fn=test_ref,dc=cdac,dc=in
Now i want to delete "*fn=test1,fn=test_ref,dc=cdac,dc=in*" this entry. I have used ldap command line tool "*ldapdelete*" and executed this tool on *first LDAP machine*.
Then the result of command is:
**[root@tapti LDIF]# ldapdelete -x -h "tapti" -D "cn=Manager,dc=cdac,dc=in" "fn=test1,fn=test_ref,fn=bioinfo,fn=gstorage,fn=gfs,dc=cdac,dc=in" -w "secret" ldap_delete: Referral (10) matched DN: fn=test_ref,fn=bioinfo,fn=gstorage,fn=gfs,dc=cdac,dc=in referrals: ldap:// 192.168.5.243/fn=test1,fn=test_ref,fn=bioinfo,fn=gstorage,fn=gfs,dc=cdac,dc=in
This is the expected behavior: ldapdelete provides no means to automatically chase referrals.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ----------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Fax: +39 0382 476497 Email: ando@sys-net.it -----------------------------------