· Create /usr/local/etc/openldap/slapd.d/cn=config/olcDatabase={-1}frontend
· Create /usr/local/etc/openldap/slapd.d/cn=config/olcDatabase={-1}frontend/olcOverlay={0}chain
· Add olcOverlay={0}chain.ldif to /usr/local/etc/openldap/slapd.d/cn=config/olcDatabase={-1}frontend
dn: olcOverlay={0}chain
objectClass: olcOverlayConfig
objectClass: olcChainConfig
olcOverlay: {0}chain
olcChainCacheURI: FALSE
olcChainMaxReferralDepth: 1
olcChainReturnError: TRUE
structuralObjectClass: olcChainConfig
· Add olcDatabase={0}ldap.ldif to /usr/local/etc/openldap/slapd.d/cn=config/olcDatabase={-1}frontend/olcOverlay={0}chain
dn: olcDatabase={0}ldap
objectClass: olcLDAPConfig
objectClass: olcChainDatabase
olcDatabase: {0}ldap
olcDbStartTLS: none starttls=no
olcDbRebindAsUser: FALSE
olcDbChaseReferrals: TRUE
olcDbTFSupport: no
olcDbProxyWhoAmI: FALSE
olcDbProtocolVersion: 3
olcDbSingleConn: FALSE
olcDbCancel: abandon
olcDbUseTemporaryConn: FALSE
olcDbConnectionPoolMax: 16
olcDbSessionTrackingRequest: FALSE
olcDbNoRefs: FALSE
olcDbNoUndefFilter: FALSE
structuralObjectClass: olcLDAPConfig
· Add olcDatabase={1}ldap.ldif to /usr/local/etc/openldap/slapd.d/cn=config/olcDatabase={-1}frontend/olcOverlay={0}chain
dn: olcDatabase={1}ldap
objectClass: olcLDAPConfig
objectClass: olcChainDatabase
olcDatabase: {1}ldap
olcDbURI: "ldap://master.dc.us"
olcDbStartTLS: none starttls=no
olcDbIDAssertBind: mode=self flags=prescriptive,proxy-authz-non-critical bindmethod=simple timeout=0 network-timeout=0 binddn="cn=manager,o=dc,c=us" credentials="l4s3rj3t" keepalive=0:0:0
olcDbRebindAsUser: FALSE
olcDbChaseReferrals: TRUE
olcDbTFSupport: no
olcDbProxyWhoAmI: FALSE
olcDbProtocolVersion: 3
olcDbSingleConn: FALSE
olcDbCancel: abandon
olcDbUseTemporaryConn: FALSE
olcDbConnectionPoolMax: 16
olcDbSessionTrackingRequest: FALSE
olcDbNoRefs: FALSE
olcDbNoUndefFilter: FALSE
structuralObjectClass: olcLDAPConfig
· Restart slapd
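
A check for the chain database entries built in the steps above, added here as an example and not part of the original procedure: it unfolds LDIF continuation lines and reports when a simple-bind password would travel over a link without enforced TLS. The function names, finding codes and the placeholder credential are assumptions of this example; the TLS mode names are those documented for the tls directive in slapd-ldap(5).

```python
import base64
import re

# Constructed sample: the {1}ldap entry from the steps above, folded the way
# LDIF wraps long values (a continuation line starts with one space).
# The credentials value is a placeholder.
SAMPLE = '''dn: olcDatabase={1}ldap
objectClass: olcLDAPConfig
objectClass: olcChainDatabase
olcDatabase: {1}ldap
olcDbURI: "ldap://master.dc.us"
olcDbStartTLS: none
  starttls=no
olcDbIDAssertBind: mode=self flags=prescriptive,proxy-authz-non-critical bindm
 ethod=simple timeout=0 network-timeout=0 binddn="cn=manager,o=dc,c=us" crede
 ntials="PLACEHOLDER" keepalive=0:0:0
'''

def parse_entry(ldif):
    """Unfold continuation lines, return {lowercased attribute: [values]}."""
    entry = {}
    for line in re.sub(r'\r?\n ', '', ldif).splitlines():
        if not line or line.startswith('#'):
            continue
        attr, _, value = line.partition(':')
        if value.startswith(':'):          # "attr:: <base64>" form
            value = base64.b64decode(value[1:].strip()).decode()
        entry.setdefault(attr.lower(), []).append(value.strip())
    return entry

def audit_chain_db(entry):
    """Return finding codes for one olcChainDatabase entry that has a URI."""
    uri = entry.get('olcdburi', [''])[0].strip('"')
    mode = (entry.get('olcdbstarttls', ['none'])[0].split() or ['none'])[0]
    bind = entry.get('olcdbidassertbind', [''])[0]
    # Only ldaps:// or a non-optional StartTLS guarantees an encrypted link;
    # "none", "try-*" and "propagate" can all leave it in cleartext.
    enforced = uri.startswith('ldaps://') or mode in ('start', 'ldaps')
    findings = []
    if uri and not enforced:
        findings.append('no-enforced-tls')
        if 'bindmethod=simple' in bind and 'credentials=' in bind:
            findings.append('simple-bind-password-sent-in-clear')
    return findings

if __name__ == '__main__':
    for code in audit_chain_db(parse_entry(SAMPLE)):
        print(code)
```

Run against the entry as configured above, it reports both findings; changing the URI to ldaps:// or the mode to start clears them.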