Re: slapd.d syntax help for ldap proxy server

7 Feb 2011


      ...
Does anyone have a working ldap proxy configuration script?  Some
attributes
such as olcURI are not welcomed with slapd on ubuntu 10.10.  My goals is
to
make a standalone proxy.
s/olcURI/olcDbURI/
AFAIK, there's no specific documentation of slapd-ldap config schema; you
can configure it using slapd.conf, then slapcat the resulting cn=config
entry.
p.
...
TIA,
Anton
On Fri, Feb 4, 2011 at 12:46 PM, Dieter Kluenter
dieter@dkluenter.dewrote:
...
Am Fri, 4 Feb 2011 11:45:36 -0800
schrieb Anton Chu anton.chu@telecommand.com:
...
I'm trying to setup a ldap proxy server for push based replication.
I'm in need of help with providing the correct syntax on installing a
ldap proxy using slapd.d instead of slapd.conf.    The items in bold
are the questionable syntax that can crossover to slapd.d.  Here's my
slapd.d configuration:
Standalone LDAP Proxy:
...
# load the schemas
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif
ldapadd -Y EXTERNAL -H ldapi:///
-f /etc/ldap/schema/inetorgperson.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/nis.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/misc.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/ldapns.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/openldap.ldif
# Load dynamic backend modules
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulepath: /usr/lib/ldap
olcModuleload: back_hdb
olcModuleload: syncprov
# Database settings
dn: olcDatabase=hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
This should be a ldap database, not a hdb database
...
...
    database        ldap
    # ignore conflicts with other databases, as we need to push

out to same suffix hidden              on
        suffix          "dc=suretecsystems,dc=com"
        rootdn          "cn=slapd-ldap"
        uri             ldap://localhost:9012/
    lastmod         on

    # We don't need any access to this DSA
    restrict        all

    acl-bind        bindmethod=simple
                    binddn="cn=replicator,dc=suretecsystems,dc=com"
                    credentials=testing

    syncrepl        rid=001
                    provider=ldap://localhost:9011/
                    binddn="cn=replicator,dc=suretecsystems,dc=com"
                    bindmethod=simple
                    credentials=testing
                    searchbase="dc=suretecsystems,dc=com"
                    type=refreshAndPersist
                    retry="5 5 300 5"

    overlay         syncprov

-Dieter
--
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:DA147B05
53°37'09,95"N
10°08'02,42"E

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Re: slapd.d syntax help for ldap proxy server