Re: OpenLDAP & Mysql backend

2018-04-30 Thread Arianna Milazzo 
Hello!
I already read the docs.
I did as described in the documentation that I found here:
https://github.com/openldap/openldap/tree/master/servers/slapd/back-sql/docs
and here:
https://github.com/openldap/openldap/tree/master/servers/slapd/back-sql/rdbms_depend

Thanks,
Arianna

2018-04-30 10:21 GMT+02:00 Dieter Klünter :

> Am Thu, 26 Apr 2018 18:48:00 +0200
> schrieb Arianna Milazzo :
>
> > Hello!
> > I installed openLDAP on Debian 9 with mysql backend. I followed the
> > guide and I used example database
> > (http://www.openldap.org/faq/data/cache/978.html )
> >
> > Now, I can connect to openldap with root credential (in slapd.conf)
> > or with a "person" present in ldap_entries, but I don't see nothing:
> > no search result.
> > With Apache Directory Studio I see only organization.
> >
> > Even it's impossible add something: ldap_add: Server is unwilling to
> > perform (53)
> > additional info: operation not permitted within namingContext
> >
> > Please, someone can tell me why?
>
> Get the openldap source code,
> http://www.openldap.org/software/repo.html, within
> servers/slapd/back-sql/rdbms_depend/mysql/ you will find all
> documentation required.
>
> -Dieter
>
> --
> Dieter Klünter | Systemberatung
> http://sys4.de
> GPG Key ID: E9ED159B
> 53°37'09,95"N
> 10°08'02,42"E
>
>

Re: Separate trees openldap

2018-04-30 Thread Dieter Klünter 
Am Thu, 26 Apr 2018 09:33:56 -0300
schrieb seguranca informacao :

>  Hi guys,
> 
> I'm trying to accomplish a configuration that I'm not aware of. I
> need to replicate several directories (AD, openldap, etc) to a unique
> repository (my openldap). The thing is I need to have completely
> separate trees for each domain (client). Any ideas in how to do that?
> bellow is an example what I'm thinking of:
> 
> 
> dc=example,dc=com
>  cn=users
>  cn=groups
> 
> -- complete separation
> dc=domain,dc=com
>  cn=users
>  cn=groups
> 
> -- complete separation
> dc=test,dc=ca
>  cn=users
>  cn=groups
> 
> -- complete separation

make use of slapd-ldap(5), slapd-relay(5) and slapo-rwm(5)
something like:

database ldap
suffix dc=test,dc=ca
...
database relay
suffix dc=test,dc=example,dc=com
relay dc=test,dc=ca
overlay rw
rwm-suffixmassage  "dc=test,dc=example,dc=com" "dc=test,dc=ca"
subordinate

database mdb
suffix dc=example,dc=com

-Dieter

-- 
Dieter Klünter | Systemberatung
http://sys4.de
GPG Key ID: E9ED159B
53°37'09,95"N
10°08'02,42"E