Am Wed, 14 Sep 2016 16:00:33 +0200 schrieb "Ralf Mattes" rm@mh-freiburg.de:
Dear collectes list wisdom,
I'm running a ldap server whose main database holds a X500 style suffix (i.e. o=...,l=...,c=...). The organisations name does contain a non-ascii character 'ü'. So far this never has been a problem but now one of our partner institutions needs to access the server with tomcat/ndi/proprietary code and that fails misserably - no wonder: the send the bind DN with the wrong encoding. While I'm sure there is a solution on the Java/Tomcat side I'd like to provide the possibility to access the data under a different DN (with 'ü' replaced by 'ue'). My first attempt: I created a second database with the alternative suffix and placed an alias object as the topmost entry. That object points to the toplevel organisation object of the real database. But while I can see that object none of the child entries are found.
s there any to configure such an "alias suffix"?
There are quite a few possible solutions, 1. slapd-relay(5) 2. slapd-ldap(5) and a few more.
I would recommend slapd-relay, configuration could be:
... database relay suffix o=uebermut,c=XX relay o=übermut,c=XX ...
depending on your database design you may need the rwm overlay and some rewrite rules.
-Dieter