Dears,
I've created a META configuration pointing to another backend ldap for which I'd like to use a generic user which will be used as unique user to fetch datas in backend requested by all users coming from the META proxy frontend.
I did following dynamic configuration :
dn: olcDatabase={2}meta objectClass: olcDatabaseConfig objectClass: olcMetaConfig olcDatabase: {2}meta olcSuffix: o=mobistar.be olcAddContentAcl: FALSE olcLastBind: TRUE olcReadOnly: FALSE olcRootDN: cn=directory manager,o=mobistar.be olcRootPW: secret olcSyncUseSubentry: FALSE olcMonitoring: FALSE olcDbOnErr: continue olcDbPseudoRootBindDefer: TRUE olcDbSingleConn: FALSE olcDbUseTemporaryConn: FALSE olcDbConnectionPoolMax: 16 olcDbBindTimeout: 1000000 olcDbCancel: abandon olcDbChaseReferrals: FALSE olcDbNoRefs: FALSE olcDbNoUndefFilter: FALSE olcDbProtocolVersion: 3 olcDbRebindAsUser: FALSE olcDbSessionTrackingRequest: FALSE olcDbTFSupport: no structuralObjectClass: olcMetaConfig entryUUID: c113f986-35b0-103d-9f4f-85924223dda7 creatorsName: cn=config createTimestamp: 20230131124432Z olcMaxDerefDepth: 15 olcDbNretries: 100 olcLastMod: FALSE entryCSN: 20230227112001.500938Z#000000#001#000000 modifiersName: cn=manager,cn=config modifyTimestamp: 20230227112001Z
dn: olcMetaSub={0}uri objectClass: olcMetaTargetConfig olcMetaSub: {0}uri olcDbKeepalive: 0:0:0 olcDbTcpUserTimeout: 0 olcDbCancel: abandon olcDbChaseReferrals: FALSE olcDbNoRefs: FALSE olcDbNoUndefFilter: FALSE olcDbNretries: 100 olcDbProtocolVersion: 3 olcDbRebindAsUser: FALSE olcDbSessionTrackingRequest: FALSE olcDbTFSupport: no structuralObjectClass: olcMetaTargetConfig entryUUID: c113fc9c-35b0-103d-9f50-85924223dda7 creatorsName: cn=config createTimestamp: 20230131124432Z olcDbBindTimeout: 1000000 olcDbURI: "ldap://accmasterldapcorp.nonprod.priv.orange.be:389/o=mobistar.be olcDbIDAssertBind: mode=self flags=non-prescriptive,proxy-authz-non-critical b indmethod=simple timeout=0 network-timeout=0 binddn="uid=ldapproxyuser_acc,ou =test,ou=system,o=mobistar.be" credentials="secret" keepalive=0:0:0 tc p-user-timeout=0 entryCSN: 20230227142538.253522Z#000000#001#000000 modifiersName: cn=manager,cn=config modifyTimestamp: 20230227142538Z
But when I do a ldapsearch with a user known in the backend from the META, it'll not take the olcDbIDAssertBind and it didn't found nothing. If I do the same request directly on the backend, I get what I'm searching for.
Can you help me by giving me some advice about what I'm missing or what's erroneous ?
Thx in advance, Jean_luc.