Hello, I'm trying to set up a replica of a remote server (suffix: ou=customer,o=main) in a local subtree (suffix: dc=example,dc=com). The two separate databases work, as I can add entries to both of them using their original suffix with ldapmodify. But no configuration of relay lets me query the replicated content using the local suffix: ldapsearch either ends with "No Such Object" or doesn't terminate at all; it hangs after:
connect success
# extended LDIF
#
...
# LDAPv3
# base <ou=users,dc=example,dc=com> with scope baseObject
# filter: (objectclass=*)
# requesting: ALL
#

Graphically it should look like this:
Remote server:

ou=customer,o=main
|
`-- ou=users,ou=customer,o=main
    |
    `-- ou=1000002052,ou=users,ou=customer,o=main
    |
    `-- ou=1000001458,ou=users,ou=customer,o=main
    |
    `-- ou=1000002113,ou=users,ou=customer,o=main

Local server:

dc=example,dc=com
|
`-- ou=customers,dc=example,dc=com
|   |
|   `-- cn=name-one,dc=example,dc=com
|   |
|   `-- cn=name-two,dc=example,dc=com
|
`-- ou=users,dc=example,dc=com
    |
    *
    * (this is the replicated subtree, exposed under the new suffix)
    *
    |
    `-- ou=1000002052,ou=users,dc=example,dc=com
    |
    `-- ou=1000001458,ou=users,dc=example,dc=com
    |
    `-- ou=1000002113,ou=users,dc=example,dc=com
Here's one of my attempts:
# Remote
database bdb
directory ...
suffix ou=customer,o=main
rootdn ...
rootpw ...
access to * by * manage
index ...
overlay memberof

# Relay
database relay
suffix ou=customers,dc=example,dc=com
relay ou=customer,o=main
overlay rwm
rwm-suffixmassage ou=customers,dc=example,dc=com ou=customer,o=main

# Local
database bdb
directory ...
suffix dc=example,dc=com
rootdn ...
rootpw ...
access to * by * manage
index ...
overlay memberof
overlay refint
refint_attributes member
refint_nothing "cn=nobody,dc=example,dc=com"
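
An added illustration, not part of the original post and not slapd code: a simplified Python model of how the three databases above would route a search base, and what the rwm-suffixmassage line rewrites. It assumes the first database in configuration order whose suffix contains the DN handles the request, and it compares DNs as plain case-insensitive strings (no escaped commas); the function names and database labels are hypothetical.

```python
# Simplified model of suffix routing and rwm-suffixmassage for the posted config.
# Assumptions: first matching suffix in config order wins; DNs are plain strings.

def norm(dn):
    """Lower-case a DN and strip spaces around the RDN separators."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def is_under(dn, suffix):
    """True when dn equals suffix or is subordinate to it."""
    dn, suffix = norm(dn), norm(suffix)
    return dn == suffix or dn.endswith("," + suffix)

def massage(dn, virtual, real):
    """Replace the virtual naming context at the end of dn with the real one."""
    if not is_under(dn, virtual):
        return None
    dn, virtual = norm(dn), norm(virtual)
    return dn[: len(dn) - len(virtual)] + norm(real)

# Databases in the order of the posted configuration (labels are for this model).
DATABASES = [
    ("remote", "ou=customer,o=main"),
    ("relay", "ou=customers,dc=example,dc=com"),
    ("local", "dc=example,dc=com"),
]
# Arguments of the posted rwm-suffixmassage line: virtual context, real context.
MASSAGE = ("ou=customers,dc=example,dc=com", "ou=customer,o=main")

def route(base):
    """Return (database label, DN that database is asked for) for a search base."""
    for name, suffix in DATABASES:
        if is_under(base, suffix):
            if name == "relay":
                real = massage(base, *MASSAGE)
                # The relay passes the rewritten DN on to the real naming context.
                return route(real)[0], real
            return name, norm(base)
    return None, None

if __name__ == "__main__":
    for base in ("ou=users,dc=example,dc=com",
                 "ou=users,ou=customers,dc=example,dc=com",
                 "ou=1000002052,ou=users,ou=customer,o=main"):
        print(base, "->", route(base))
```

In this model the base from the ldapsearch output, ou=users,dc=example,dc=com, is not under the relay suffix and is answered by the local database; only DNs under ou=customers,dc=example,dc=com reach the rwm rewrite.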