Hi! I'm migrating from OpenLDAP to Fedora Directory. In the OpenLDAP infrastructure, I had used proxy LDAP servers (the slapd-ldap backend) to direct requests to slapd-bdb backend OpenLDAP instances with failover in case of failure. In addition to that, using the rwm overlay, the slapd-ldap instance did request rewriting of queries that specify empty base dn. The configuration for slapd-ldap instance was: database ldap suffix "" uri "ldap://localhost:392/,ldaps://otherserver:636/"; timeout 24 idle-timeout 16 overlay rwm rwm-rewriteEngine on rwm-rewriteContext searchBase rwm-rewriteRule "$" "o=MyDefaultBase" ":" I've read a thread from 2006-02 on this list (https://www.redhat.com/archives/fedora-directory-users/2006-February/msg00108.html) that it's possible to get a similar behaviour on FDS by modifying dse.ldif. I've stopped the FDS instance, modified /etc/dirsrv/slapd-instancename/dse.ldif and started FDS again: dn: objectClass: top objectClass: extensibleObject defaultsearchbase: o=MyDefaultBase aci: (targetattr != "aci")(version 3.0; aci "rootdse anon read access"; allow( read,search,compare) userdn="ldap:///anyone";;) creatorsName: cn=server,cn=plugins,cn=config modifiersName: cn=server,cn=plugins,cn=config createTimestamp: 20080411165538Z modifyTimestamp: 20080411165538Z However, it still doesn't return anything when clients search with empty base: # /usr/lib64/mozldap/ldapsearch -b 'o=MyDefaultBase' -s sub uid=olo uid version: 1 dn: uid=olo,ou=People,o=MyDefaultBase uid: olo # /usr/lib64/mozldap/ldapsearch -b '' -s sub uid=olo uid ldap_search: No such object Maybe it's relevant that the host in question takes part in multi-master replication setup of 3 FDS servers. -- Best Regards, Aleksander Adamowski GG#: 274614 ICQ UIN: 19780575 http://olo.org.pl -- Aleksander Adamowski Administrator system?w korporacyjnych; Instruktor Altkom Akademia S.A. http://www.altkom.pl Warszawa, ul. Ch?odna 51 tel. brak kom. +48 601-318-080 S?d Rejonowy dla m.st. Warszawy w Warszawie, XII Wydzia? Gospodarczy Krajowego Rejestru S?dowego, KRS: 0000120139, NIP 118-00-08-391, Kapita? zak?adowy: 1000 000 PLN. Adres rejestrowy Firmy - ul. Stawki 2, 00-193 Warszawa. Niniejsza wiadomo?? zawiera informacje zastrze?one i stanowi?ce tajemnic? przedsi?biorstwa firmy Altkom Akademia S.A. Ujawnianie tych informacji osobom trzecim lub nieuprawnione wykorzystanie ich do w?asnych cel?w jest zabronione. Je?eli otrzymali?cie Pa?stwo niniejsz? wiadomo?? omy?kowo, prosimy o niezw?oczne skontaktowanie si? z nadawc? oraz usuni?cie wszelkich kopii niniejszej wiadomo?ci. This message contains proprietary information and trade secrets of Altkom Akademia S.A. company. Unauthorized use or disclosure of this information to any third party is prohibited. If you received this message by mistake, please contact the sender immediately and delete all copies of this message.
