Hi,
I have a problem with my Openldap Server 2.4.23 with SQL Backend. I have configured a referral to another Openldap server, but the referral dn is always the same as the bind dn from my ldapsearch command. So the referral dn is overwritten with the bind dn.
The server localhost:389 has rootdn="dc=sselab,dc=de"
And localhost:390 has rootdn="dc=tim,dc=sselab,dc=de"
Following are the configuration and the Log files of the LDAP Server with SQL Backend at Loglevel -1. In the Logfile you can see the starting of the server + the search "ldapsearch -xLLL -h localhost:389 -b dc=sselab,dc=de". I think at line 4114 one can see how the referral is used.
Slapd.conf : http://pastebin.com/tvtdNaZ6 http://pastebin.com/tvtdNaZ6
sql attribute mappings: http://image-upload.de/image/WcDeaB/fd191aa422.png http://image-upload.de/image/WcDeaB/fd191aa422.png
sql entries: http://image-upload.de/image/qGiBOY/51496a9462.png http://image-upload.de/image/qGiBOY/51496a9462.png
sql object classes: http://image-upload.de/image/Rei0X3/4f6b2b43f5.png http://image-upload.de/image/Rei0X3/4f6b2b43f5.png
sql oc mapping: http://image-upload.de/image/TRscIQ/7141e04af6.png http://image-upload.de/image/TRscIQ/7141e04af6.png
sql referral: http://image-upload.de/image/LGxZKQ/28773fadf7.png http://image-upload.de/image/LGxZKQ/28773fadf7.png
ldap Log: http://pastebin.com/N8NCyLzt http://pastebin.com/N8NCyLzt
To demonstrate the behavior:
Search for the referral Object:
user@user-desktop:~$ ldapsearch -M -xLLL -h localhost:389 "(objectClass=referral)" '*' ref
dn: dc=tim,dc=sselab,dc=de
objectClass: referral
objectClass: extensibleObject
dc: tim
ref: ldap://localhost:390/dc=tim,dc=sselab,dc=de#
which is exactly what I want!
But searching all objects:
user@user-desktop:~$ ldapsearch -xLLL -h localhost:389 -b dc=sselab,dc=de
dn: dc=sselab,dc=de
objectClass: dcObject
dc: sselab
.
# refldap://localhost:390/dc=sselab,dc=de??sub
Results with the wrong dn in refldap!
Search with the dc=tim DN :
user@user-desktop:~$ ldapsearch -xLLL -h localhost:389 -b dc=tim,dc=sselab,dc=de
Referral (10)
Referral: ldap://localhost:390/dc=tim,dc=sselab,dc=de??sub
If you need more Information please let me know.
Best regards
Robert Eikermann