Does anyone have a working ldap proxy configuration script? Some attributes such as olcURI are not welcomed with slapd on ubuntu 10.10. My goals is to make a standalone proxy.
TIA, Anton On Fri, Feb 4, 2011 at 12:46 PM, Dieter Kluenter <[email protected]>wrote: > Am Fri, 4 Feb 2011 11:45:36 -0800 > schrieb Anton Chu <[email protected]>: > > > I'm trying to setup a ldap proxy server for push based replication. > > I'm in need of help with providing the correct syntax on installing a > > ldap proxy using slapd.d instead of slapd.conf. The items in bold > > are the questionable syntax that can crossover to slapd.d. Here's my > > slapd.d configuration: > > > > > > Standalone LDAP Proxy: > > > > > > # load the schemas > > > ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif > > > > > > ldapadd -Y EXTERNAL -H ldapi:/// > > > -f /etc/ldap/schema/inetorgperson.ldif > > > > > > ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/nis.ldif > > > > > > ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/misc.ldif > > > > > > ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/ldapns.ldif > > > > > > ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/openldap.ldif > > > > > > > > > # Load dynamic backend modules > > > > > > dn: cn=module,cn=config > > > > > > objectClass: olcModuleList > > > > > > cn: module > > > > > > olcModulepath: /usr/lib/ldap > > > > > > olcModuleload: back_hdb > > > > > > olcModuleload: syncprov > > > > > > > > > # Database settings > > > > > > dn: olcDatabase=hdb,cn=config > > > > > > objectClass: olcDatabaseConfig > > > > > > objectClass: olcHdbConfig > > > > > > olcDatabase: {1}hdb > > This should be a ldap database, not a hdb database > > > > > > database ldap > > > # ignore conflicts with other databases, as we need to push > > > out to same suffix hidden on > > > suffix "dc=suretecsystems,dc=com" > > > rootdn "cn=slapd-ldap" > > > uri ldap://localhost:9012/ > > > > > > lastmod on > > > > > > # We don't need any access to this DSA > > > restrict all > > > > > > acl-bind bindmethod=simple > > > binddn="cn=replicator,dc=suretecsystems,dc=com" > > > credentials=testing > > > > > > syncrepl rid=001 > > > provider=ldap://localhost:9011/ > > > binddn="cn=replicator,dc=suretecsystems,dc=com" > > > bindmethod=simple > > > credentials=testing > > > searchbase="dc=suretecsystems,dc=com" > > > type=refreshAndPersist > > > retry="5 5 300 5" > > > > > > overlay syncprov > > -Dieter > > -- > Dieter Klünter | Systemberatung > http://dkluenter.de > GPG Key ID:DA147B05 > 53°37'09,95"N > 10°08'02,42"E >
