Christian Marg writes:
Hmm, I might have to refer to some other LDAP server in the future, so this is a bit too simple. Too bad that there isn't a "refer-to"-backend that just refers someone querying it's suffix to a different server.
Might be useful, yes.
Maybe the LDAP backend could get an option to not actually contact the remote server, just return a referral:-)
Since I just want "referential integrity", i.e. the Server to know _something_ (even just a Referral) about a DN below "ou=X,o=Y,c=Z", I don't need the server to chase the referral. So I could add a second bdb (or even ldif!?) backend as Readonly etc, that just contains a referral entry for "ou=X,o=Y,c=Z"?
Sound like it, yes. Not the LDIF backend, it wasn't written for "real" use like that. Hmph, I've got to get around to committing the patches I have for just that.
Yet another option is to compile with CPPFLAGS=-DBDB_MULTIPLE_SUFFIXES which makes BDB accept multiple suffixes in a single database. I don't know if that code is still good though. Might be suffering from code rot.