I'm trying to get one ldap server configured to chain queries to a second server when
specific OUs that are on the 2nd server (but not the 1st) are referenced in a
query/ldapsearch. Note that these are read-only consumers, so I am not dealing with
modifications, only searches. Both servers share the top level suffix.
An ldapsearch against the first server involving an OU that is on the second server
returns "no such Object"; and the logfile on the first server (loglevel 1)
shows no reference to the chain-uri or attempt to search outside the first server.
slapd.conf is valid per slaptest, and starts successfully.
However, an ldapsearch against the initial target server simply returns "No such
object", because it appears the chain is never followed or these directives are
inactive. In the local4.log with loglevel set to 1, there's never any
attempt/reference to the chain-uri, and no subsequent entry in the log file for the second
- should there be logfile entries on the first server referencing the chain-uri (or on the
client ldapsearch with -d1)?
- is there a missing directive or incorrect configuration?
Thanks for any assistance.