Hello,

I have 2 LDAP servers:

- machine 1: "localserver.domain.com": the DIT is

    dn: dc=example
    dc: bsr-ivv
    objectClass: top
    objectClass: dcObject
    objectclass: organization
    o: AAA

    dn: ou=Users,dc=example
    objectClass: top
    objectClass: organizationalUnit
    ou: Users

    dn: ou=Groups,dc=example
    objectClass: top
    objectClass: organizationalUnit
    ou: Groups

- machine 2: "centralserver.domain.com": the DIT is the SAME.

I want requests that are not found on "localserver.domain.com" to be delegated to "centralserver.domain.com".

The configuration of "localserver.domain.com" is:

    dn: cn=config
    objectClass: olcGlobal
    cn: config
    olcArgsFile: /var/run/openldap/slapd.args
    olcPidFile: /var/run/openldap/slapd.pid
    olcTLSCACertificatePath: /etc/openldap/certs
    olcTLSCertificateFile: "OpenLDAP Server"
    olcTLSCertificateKeyFile: /etc/openldap/certs/password
    structuralObjectClass: olcGlobal
    creatorsName: cn=config
    olcReferral: ldaps://centralserver.domain.com
    olcLogLevel: -1

I use the command "ldapsearch" on "localserver" to request data about "admincentral1", which only exists on the "centralserver.domain.com" machine:

    ldapsearch -H ldaps://localserver.domain.com -b ou=Users,dc=bsr-ivv -w password -D "cn=Admin,dc=example" uid=admincentral1 mail -x -C -d 129

But the client "ldapsearch" does not get the referral to the "centralserver" LDAP from "localserver". I looked at the slapd logs and the ldapsearch logs, but the referral is never received.

Shall I activate anything else?

NB: if I use referral objects, this works fine: I found logs like:

    Jan 13 13:44:55 m-deploy slapd[24898]: send_ldap_result: referral="ldaps://centralserver.external.domain.com/ou=Users,dc=example"

but with that configuration, no referrals are received by the client...

Best regards,
Fabrice
openldap-technical@openldap.org