<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.2900.2912" name=GENERATOR></HEAD>
<BODY>
<DIV><SPAN class=281072017-29062006><FONT face=Arial size=2>I am running the
latest Fedora-DS and trying to use nss_ldap. I have to migrate an older LDAP
server onto the Fedora-DS but keep temporarily the old tree structure for all
current LDAP clients. So I was goint to leave the old search base in
/etc/ldap.conf on the client and just re-direct queries to the new location (on
the same server). A job for referrals, I thought. I'll just put a stub root dc
on the new server and make it point to the new location, like
this:</FONT></SPAN></DIV>
<DIV><SPAN class=281072017-29062006><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=281072017-29062006><FONT face=Arial
size=2>dc=a,dc=y</FONT></SPAN></DIV>
<DIV><SPAN class=281072017-29062006><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=281072017-29062006><FONT face=Arial size=2>a referral to the
new</FONT></SPAN></DIV>
<DIV><SPAN class=281072017-29062006><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=281072017-29062006><FONT face=Arial
size=2>dc=a,dc=b</FONT></SPAN></DIV>
<DIV><SPAN class=281072017-29062006><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=281072017-29062006><FONT face=Arial size=2>I set this up,
ldapsearch shows that it's getting the right referral (though I can't seem to
get ldapsearch follow the the referral?)</FONT></SPAN></DIV>
<DIV><SPAN class=281072017-29062006><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=281072017-29062006><FONT face=Arial size=2>However, if I try to
do anything involving nss_ldap (which otherwise works fine), I get this, for
example, in syslog:</FONT></SPAN></DIV>
<DIV><SPAN class=281072017-29062006><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=281072017-29062006><FONT face=Arial size=2>getent: nss_ldap:
could not search LDAP server - Referral</FONT></SPAN></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><SPAN class=281072017-29062006><FONT face=Arial size=2>Does nss_ldap not
follow referalls? That would make it rather useless .... Is this a Fedora-DS
problem? </FONT></SPAN></DIV>
<DIV><SPAN class=281072017-29062006><FONT face=Arial size=2></FONT></SPAN><SPAN
class=281072017-29062006><FONT face=Arial size=2></FONT></SPAN> </DIV>
<DIV align=left><FONT face=Arial size=2>--</FONT></DIV>
<DIV align=left><FONT face=Arial size=2>Philip Kime</FONT></DIV>
<DIV align=left>
<DIV align=left><FONT face=Arial size=2></FONT></DIV></DIV></BODY></HTML>