> Does anyone have a working ldap proxy configuration script? Some > attributes > such as olcURI are not welcomed with slapd on ubuntu 10.10. My goals is > to > make a standalone proxy.
s/olcURI/olcDbURI/ AFAIK, there's no specific documentation of slapd-ldap config schema; you can configure it using slapd.conf, then slapcat the resulting cn=config entry. p. > > TIA, > Anton > > On Fri, Feb 4, 2011 at 12:46 PM, Dieter Kluenter > <[email protected]>wrote: > >> Am Fri, 4 Feb 2011 11:45:36 -0800 >> schrieb Anton Chu <[email protected]>: >> >> > I'm trying to setup a ldap proxy server for push based replication. >> > I'm in need of help with providing the correct syntax on installing a >> > ldap proxy using slapd.d instead of slapd.conf. The items in bold >> > are the questionable syntax that can crossover to slapd.d. Here's my >> > slapd.d configuration: >> > >> > >> > Standalone LDAP Proxy: >> > > >> > > # load the schemas >> > > ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif >> > > >> > > ldapadd -Y EXTERNAL -H ldapi:/// >> > > -f /etc/ldap/schema/inetorgperson.ldif >> > > >> > > ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/nis.ldif >> > > >> > > ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/misc.ldif >> > > >> > > ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/ldapns.ldif >> > > >> > > ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/openldap.ldif >> > > >> > > >> > > # Load dynamic backend modules >> > > >> > > dn: cn=module,cn=config >> > > >> > > objectClass: olcModuleList >> > > >> > > cn: module >> > > >> > > olcModulepath: /usr/lib/ldap >> > > >> > > olcModuleload: back_hdb >> > > >> > > olcModuleload: syncprov >> > > >> > > >> > > # Database settings >> > > >> > > dn: olcDatabase=hdb,cn=config >> > > >> > > objectClass: olcDatabaseConfig >> > > >> > > objectClass: olcHdbConfig >> > > >> > > olcDatabase: {1}hdb >> >> This should be a ldap database, not a hdb database >> > > >> > > database ldap >> > > # ignore conflicts with other databases, as we need to push >> > > out to same suffix hidden on >> > > suffix "dc=suretecsystems,dc=com" >> > > rootdn "cn=slapd-ldap" >> > > uri ldap://localhost:9012/ >> > > >> > > lastmod on >> > > >> > > # We don't need any access to this DSA >> > > restrict all >> > > >> > > acl-bind bindmethod=simple >> > > binddn="cn=replicator,dc=suretecsystems,dc=com" >> > > credentials=testing >> > > >> > > syncrepl rid=001 >> > > provider=ldap://localhost:9011/ >> > > binddn="cn=replicator,dc=suretecsystems,dc=com" >> > > bindmethod=simple >> > > credentials=testing >> > > searchbase="dc=suretecsystems,dc=com" >> > > type=refreshAndPersist >> > > retry="5 5 300 5" >> > > >> > > overlay syncprov >> >> -Dieter >> >> -- >> Dieter Klünter | Systemberatung >> http://dkluenter.de >> GPG Key ID:DA147B05 >> 53°37'09,95"N >> 10°08'02,42"E >> >
