2011/11/17 Jeffrey Crawford <[email protected]> > I think you may actually want is slapo-translucent, Basically it's > aproxy overlay with added local data on top of a bdb or hdb backend > On Wed, Nov 16, 2011 at 8:27 AM, benoit <[email protected]> wrote: > > Hello Matheus, > > i don't want to propagate change to the master server and schema: i can't > > (no write access permission to it). > > I want my slave to continue replicate from the master and to be able to > add > > new objects and add new attributes to existing one. > > thank you > > 2011/11/16 xsun <[email protected]> > >> > >> Sorry but I did not understand what is your problem. > >> If you want to write on your 'slave' and want that change propagated to > >> all your servers, then you should search at slapd.conf manual for the > >> updateref option. > >> > >> On Wed, Nov 16, 2011 at 12:08 PM, benoit <[email protected]> wrote: > >>> > >>> Hello, > >>> I have setup a ldap replicate, replicating data from an offsite ldap > >>> master. Replication is ok, but being a consumer replicate, my ldap > server is > >>> read only. > >>> I need to add and modify attributes to this replicate, but i have no > >>> write access to the master and ldap master admin won't change/update > >>> schemas... > >>> From the guide, i can't figure if it's possible. > >>> Please, let me know what solution i have (on any Linux distro). > >>> thanks > >>> Ben, > > > > > > Hello,
thank you for your answer and sorry for my late answer. Actually, i managed to install proxy.exemple.fr, a translucent proxy to remote directory. When i query the proxy, it returns me entry from the remote directory as expected: $>ldapsearch -LLL -H ldap://proxy.exemple.fr -x -b "ou=people,dc=exemple, dc=fr" '(uid=bob)' dn: uid=bob,ou=people,dc=exemple,dc=fr ... uid: bob telephoneNumber: +01234567891 But i don't understand how to add modify entry on the local proxy database. I tried to do from what i understood from the man pages and howto,but it's not working as expected. I get an error when i laucn the following command on the empty proxy(slapcat returns nothing) $>ldapmodify -x -W -D "cn=manager,dc=exemple,dc=fr" -H ldap:// proxy.exemple.fr Enter LDAP Password: dn: uid=bob,ou=people,dc=exemple,dc=fr changetype:modify replace:telephoneNumber telephoneNumber:+000000000000 modifying entry "uid=bob,ou=people,dc=exemple,dc=fr" ldap_modify: No such object (32) additional info: attempt to modify nonexistent local record $>ldapmodify -x -W -D "cn=manager,dc=exemple,dc=fr" -H ldap:// proxy.exemple.fr Enter LDAP Password: dn: uid=bob,ou=people,dc=exemple,dc=fr changetype:modify add:telephoneNumber1 telephoneNumber1:+00000000000 modifying entry "uid=bob,ou=people,dc=exemple,dc=fr" ldap_modify: No such object (32) additional info: attempt to modify nonexistent local record I need to add an entry to the local database with new or modified attribute. $>ldapmodify -x -W -D "cn=manager,dc=exemple,dc=fr" -H ldap:// proxy.exemple.fr Enter LDAP Password: Enter LDAP Password: dn: uid=bob,ou=people,dc=exemple,dc=fr changetype:add telephoneNumber:+000000000000 telephoneNumber1:+00000000000 A query to the proxy returns me the new and modified attributes correctly: $>ldapsearch -LLL -H ldap://proxy.exemple.fr -x -b "ou=people,dc=exemple, dc=fr" '(uid=bob)' dn: uid=bob,ou=people,dc=exemple,dc=fr ... uid: bob telephoneNumber: +000000000000 telephoneNumber1: +00000000000 But even with an entry in the local database, i can't replace or add attribute: $>ldapmodify -x -W -D "cn=manager,dc=exemple,dc=fr" -H ldap:// proxy.exemple.fr Enter LDAP Password: dn: uid=bob,ou=people,dc=exemple,dc=fr changetype:modify replace:telephoneNumber telephoneNumber:+666666666 modifying entry "uid=bob,ou=people,dc=exemple,dc=fr" ldap_modify: No such object (32) additional info: attempt to modify nonexistent local record $>ldapmodify -x -W -D "cn=manager,dc=exemple,dc=fr" -H ldap:// proxy.exemple.fr Enter LDAP Password: dn: uid=bob,ou=people,dc=exemple,dc=fr changetype:modify add:telephoneNumber2 telephoneNumber2:+2222222222222 modifying entry "uid=bob,ou=people,dc=exemple,dc=fr" ldap_modify: No such object (32) additional info: attempt to modify nonexistent local record Please, help me understand the way translucent works. remote dir: debian_version 5.0.6 slapd 2.4.11 (Jul 23 2010 21:37:26) $ ###########################################""" translucent proxy: debian_version 6.0.3 OpenLDAP: slapd 2.4.23 (Jun 15 2011 13:31:57) $ #translucent conf partial extract: backend bdb database bdb suffix "dc=exemple,dc=fr" rootdn "cn=manager,dc=exemple,dc=fr" rootpw {SHA}YQn44Y9lEocMG= directory /var/lib/ldap lastmod off overlay translucent uri "ldap://remote.exemple.fr"; acl-bind binddn="cn=manager,dc=exemple,dc=fr" credentials="{SHA}YQn44Y9lEocMG="
