Il 14/07/2016 14:57, Dirk Kastens ha scritto:
does the admin account exist on the meta directory server and does it
have the correct access rights?
> ldapsearch -D "cn=admin,dc=server1,dc=xxxx" -w XXXXXXX -p 389 -h
> ldap.server0.xxxx -b "ou=users,dc=server1,dc=xxxx" -s sub
first of all I'm sorry for the delay but I'm following this activity for
a non-profit org in my spare time, so I need a lot of time to make all
the tests and report the results without breaking their systems.
Your suggestion was correct, I needed to insert a valid RootDN/RootPW in
the meta-DB to make it work. Surprisingly, the server did not give me an
authentication error (this is why I could not understand where my
mistake was residing), but after that it worked.
Now the problem has moved toward a different issue...
As I said in my previous posts, my idea was to put a meta-DB next to the
actual hdb DB on the "dc=loc0,dc=root" slapd but, as far as I can
understand, this is not possible or, at least, I was not able to find a
I tried to create a meta DB at the root of the DIT ("dc=root") and then
to "mount" the local hdb subtree (simply creating the
"dc=local0,dc=root" physical hdb) and the remote sub-trees under that;
then I tried to do the opposite, creating an actual
"(dc=local0,)dc=root" hdb and then "mount" the remote sub-trees using
None of them worked, I have always got an error stating that the
"dc=root" base-DN already exists (I don't remember the exact error) when
going to "step 2".
Thus, from what I can understand, it is not possible to perform what I
need. A possible solution could be to create a couple more servers just
for the purpose to run the slapd-meta DB, "mounting" all of the four
actual hdbs exposed by the other servers, and exposing these
meta-servers to the clients.
Are my discoveries correct? Is the last approach feasible/correct? Am I
Thank you again for your and the rest of the mailing list people