[Fedora-directory-users] LDAP Proxy in Fedora Directory Server

Rich Megginson rmeggins at redhat.com
Fri Jan 16 19:43:13 UTC 2009 

Tim Hartmann wrote:
> Rich,
>
> Thanks for the tip! So far that seems to be exactly what i need!  I had
> to set
>
> nsProxiedAuthorization to "no" for my proxy to work, once i did that I
> started getting the expected results of my query!
>
> I've set this up on one server, and I DO have a question about the best
> way to push this out to my replica's. Can Linking directories be
> replicated like other root suffix's, or should i be manually adding them
> to all the replica's. Can you set a replication agreement up for a Link
> /Chain at all,  and if you can, should you? 
>   
I'm not sure what you mean - do you mean replicate the definition of the 
database link?  If so, then no, you cannot replicate cn=config.  
However, you can add the database link definition over LDAP, so you 
could easily script it with ldapmodify to add it to all of your replicas.
> Thanks! And thanks again for steering me in the right direction!
>
> Tim
>
>
> Rich Megginson wrote:
>   
>> Tim Hartmann wrote:
>>     
>>> Hi
>>>
>>> I've got a question on referrals and proxy in RHDS. I'm in mid migration
>>> from OpenLDAP and I ran into this stansa in the slapd.conf of the old
>>> replicas.
>>>
>>> database        ldap
>>> suffix          "cn=OracleContext,dc=school,dc=edu"
>>> uri             ldap://oidnames.sub.school.edu:8010/
>>>
>>> >From what I understand this is a proxy to one of our sister
>>> organizations LDAP servers (Sun Directory Server I think)
>>>
>>> I've been trying to replicate this functionality in my RHDS
>>> installation, and  so far i've not been able to. I've tried default
>>> referrals and that doesn't seem to work. I've tried to use smart
>>> referrals, but that doesn't seem to be the right usage for smart
>>> referrals.
>>>
>>> Will RHDS / FDS do LDAP proxying? Is there some other way that I should
>>> set up referrals to allow this sort of functionality to work?
>>>   
>>>       
>> Referrals might work, if all of your clients are smart enough to know
>> how to follow them.
>>
>> I suggesting Chaining Database (aka Database Links) -
>> http://www.redhat.com/docs/manuals/dir-server/ag/8.0/index.html
>>     
>>> Thanks in advance for your help!
>>>
>>> Tim
>>>
>>>
>>> -- 
>>> Fedora-directory-users mailing list
>>> Fedora-directory-users at redhat.com
>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>   
>>>       
>> ------------------------------------------------------------------------
>>
>> --
>> Fedora-directory-users mailing list
>> Fedora-directory-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>   
>>     
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>   

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3258 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20090116/dfa75143/attachment.bin>

More information about the 389-users mailing list