Il 14/07/2016 14:57, Dirk Kastens ha scritto:
Hi,
does the admin account exist on the meta directory server and does it have the correct access rights?
ldapsearch -D "cn=admin,dc=server1,dc=xxxx" -w XXXXXXX -p 389 -h ldap.server0.xxxx -b "ou=users,dc=server1,dc=xxxx" -s sub "(uid=john)"
Hello,
first of all I'm sorry for the delay but I'm following this activity for a non-profit org in my spare time, so I need a lot of time to make all the tests and report the results without breaking their systems.
Your suggestion was correct, I needed to insert a valid RootDN/RootPW in the meta-DB to make it work. Surprisingly, the server did not give me an authentication error (this is why I could not understand where my mistake was residing), but after that it worked.
Now the problem has moved toward a different issue... As I said in my previous posts, my idea was to put a meta-DB next to the actual hdb DB on the "dc=loc0,dc=root" slapd but, as far as I can understand, this is not possible or, at least, I was not able to find a working configuration.
I tried to create a meta DB at the root of the DIT ("dc=root") and then to "mount" the local hdb subtree (simply creating the "dc=local0,dc=root" physical hdb) and the remote sub-trees under that; then I tried to do the opposite, creating an actual "(dc=local0,)dc=root" hdb and then "mount" the remote sub-trees using slapd-meta. None of them worked, I have always got an error stating that the "dc=root" base-DN already exists (I don't remember the exact error) when going to "step 2".
Thus, from what I can understand, it is not possible to perform what I need. A possible solution could be to create a couple more servers just for the purpose to run the slapd-meta DB, "mounting" all of the four actual hdbs exposed by the other servers, and exposing these meta-servers to the clients.
Are my discoveries correct? Is the last approach feasible/correct? Am I missing something?
Thank you again for your and the rest of the mailing list people availability.