openldap-2.4.23 man slapo-translucent says: If neither translucent_local nor translucent_remote are specified, the default behavior is to search the remote database with the complete search filter. If only translucent_local is specified, searches will only be run on the local database. Likewise, if only translu- cent_remote is specified, searches will only be run on the remote database. In any case, both the local and remote entries corresponding to a search result will be merged before being returned to the client.
but when i test: local proxy conf:
####################################################### # Primary database definitions ####################################################### ###################################################### #databse bdb ##################################################### database bdb suffix "dc=test,dc=com" rootdn "cn=Manager,dc=test,dc=com" rootpw "123456" directory /usr/local/ldap/var/openldap-data index objectClass eq ###################################################### #overlays ###################################################### overlay translucent #translucent_remote street #translucent_local street uri ldap://remote:388 lastmod off idassert-bind bindmethod=simple binddn="cn=Manager,dc=test,dc=com" ######################################################
remote conf:
####################################################### # Primary database definitions ####################################################### database bdb suffix "dc=test,dc=com" rootdn "cn=Manager,dc=ec,dc=com" rootpw "123456" directory "/usr/local/ldap1/var/openldap-data"
index objectClass eq #######################################################
remote database have a entry:
# 111, GF3, ec.com dn: o=111,o=GF3,dc=test,dc=com objectClass: organization o: 111 street: remote
and in the local database change the street value:
# 111, GF3, ec.com dn: o=111,o=GF3,dc=test,dc=com objectClass: organization o: 111 street: local
then change the value "translucent_remote and translucent_local" in the local proxy conf。Do search in local: 1 set "translucent_local street" "ldapsearch -D "cn=Manager,dc=test,dc=com" -x -w 123456 -b "dc=test,dc=com" street=local" the result is: # extended LDIF # # LDAPv3 # base <dc=test,dc=com> with scope subtree # filter: street=local # requesting: ALL # # 111, GF3, ec.com dn: o=111,o=GF3,dc=ec,dc=com objectClass: organization o: 111 street: local It is right. 2 set "translucent_remote street" "ldapsearch -D "cn=Manager,dc=test,dc=com" -x -w 123456 -b "dc=test,dc=com" street=local" have no result. "ldapsearch -D "cn=Manager,dc=test,dc=com" -x -w 123456 -b "dc=test,dc=com" street=remote" have no result why? 3 do not set any "ldapsearch -D "cn=Manager,dc=test,dc=com" -x -w 123456 -b "dc=test,dc=com" street=local" have no result. "ldapsearch -D "cn=Manager,dc=test,dc=com" -x -w 123456 -b "dc=test,dc=com" street=remote" have no result why?