Is it possible to add a domain on an already existing root?
I got the following root for now:
dc=lab,dc=corp
and I want to create a second Top entry on my root which will be named like this:
dc=prod,dc=corp
Is that possible?
I've try the following syntaxe without succes.
Racine.ldif:
#Racine dn: dc=prod, dc=corp ObjectClass: Top ObjectClass: dcObject ObjectClass: organization o: prod.corp dc: prod
#OU Groups dn: ou=groups, dc=prod, dc=geka ObjectClass: organizationalUnit ObjectClass: top ou: groups
#OU Users dn: ou=users, dc=prod, dc=geka ObjectClass: organizationalUnit ObjectClass: top ou: users
And then I've done the usual LdapADD command, but with the following error returned:
ldap_add: Server is unwilling to perform (53) Additional info: No global Superior Knowledge.
Well, my guest is that I didn't set correctly Slapd because my default root is lab.corp instead of being TLD .corp Is that theory right?
Many thanks
gael therond wrote:
Is it possible to add a domain on an already existing root?
I got the following root for now:
dc=lab,dc=corp
and I want to create a second Top entry on my root which will be named like this:
dc=prod,dc=corp
Is that possible?
It is possible, but it might not be desirable. In principle, you need to define "dc=prod, dc=corp" as an additional suffix for the database, something like
<existing> database <type> #... suffix "dc=lab,dc=corp" </existing>
<new1> database <type> #... suffix "dc=lab,dc=corp" suffix "dc=prod,dc=corp" </new1>
However, as far as I remember, back-bdb and back-hdb only support this when compiled with a special #define, and at some performance cost. A more straightforward solution would be to define
<new1> database <type> #... suffix "dc=corp" </new1>
and then add "dc=corp" as the root entry, and "dc=lab,dc=corp" and "dc=prod,dc=corp" as regular children entries of it.
I've try the following syntaxe without succes.
Racine.ldif:
#Racine dn: dc=prod, dc=corp ObjectClass: Top ObjectClass: dcObject ObjectClass: organization o: prod.corp dc: prod
#OU Groups dn: ou=groups, dc=prod, dc=geka ObjectClass: organizationalUnit ObjectClass: top ou: groups
#OU Users dn: ou=users, dc=prod, dc=geka ObjectClass: organizationalUnit ObjectClass: top ou: users
And then I've done the usual LdapADD command, but with the following error returned:
ldap_add: Server is unwilling to perform (53) Additional info: No global Superior Knowledge.
Well, my guest is that I didn't set correctly Slapd because my default root is lab.corp instead of being TLD .corp Is that theory right?
It is not clear from the message what entry failed. I assume it was "dc=prod,dc=corp" because it is not within the database's naming context. However the subsequent entries would be incorrect as well, becuase "dc=geka" is not within the "dc=corp" naming context.
p.
2011/1/12 Pierangelo Masarati masarati@aero.polimi.it
gael therond wrote:
Is it possible to add a domain on an already existing root?
I got the following root for now:
dc=lab,dc=corp
and I want to create a second Top entry on my root which will be named like this:
dc=prod,dc=corp
Is that possible?
It is possible, but it might not be desirable. In principle, you need to define "dc=prod, dc=corp" as an additional suffix for the database, something like
<existing> database <type> #... suffix "dc=lab,dc=corp" </existing>
<new1> database <type> #... suffix "dc=lab,dc=corp" suffix "dc=prod,dc=corp" </new1>
However, as far as I remember, back-bdb and back-hdb only support this when compiled with a special #define, and at some performance cost. A more straightforward solution would be to define
<new1> database <type> #... suffix "dc=corp" </new1>
and then add "dc=corp" as the root entry, and "dc=lab,dc=corp" and "dc=prod,dc=corp" as regular children entries of it.
I've try the following syntaxe without succes.
Racine.ldif:
#Racine dn: dc=prod, dc=corp ObjectClass: Top ObjectClass: dcObject ObjectClass: organization o: prod.corp dc: prod
#OU Groups dn: ou=groups, dc=prod, dc=geka ObjectClass: organizationalUnit ObjectClass: top ou: groups
#OU Users dn: ou=users, dc=prod, dc=geka ObjectClass: organizationalUnit ObjectClass: top ou: users
And then I've done the usual LdapADD command, but with the following error returned:
ldap_add: Server is unwilling to perform (53) Additional info: No global Superior Knowledge.
Well, my guest is that I didn't set correctly Slapd because my default root is lab.corp instead of being TLD .corp Is that theory right?
It is not clear from the message what entry failed. I assume it was "dc=prod,dc=corp" because it is not within the database's naming context. However the subsequent entries would be incorrect as well, becuase "dc=geka" is not within the "dc=corp" naming context.
p.
Many thanks,
As you said, I've re-read the manual and yes it's recommend to use a new database entry. Once again, you're right I'm using the BDB backend on my LDAP.
Your last solution is exactly what I'm looking for, have a root named Corp and two distinct children named Lab and Prod As we done with Active Directory (One forest with multiple domain on it).
Many thanks Once Again.
Problem Solved!!
openldap-technical@openldap.org
-
gael therond -
Pierangelo Masarati