Two things to check:
1. Make sure nss_ldap is configured to follow referrals. Not sure if
you're using Sun's or PADL's (Linux) nss_ldap, but each have an option
for this.
Sun (in /var/ldap/ldap_client_file):
NS_LDAP_SEARCH_REF= TRUE
PADL (usually in /etc/ldap.conf):
referrals yes
2. Make sure that the bind DN you're using to bind to the first
directory server also exists on the second (referral target) directory
server, and has the same password.
There may be something else going on, but check these two first.
Philip Kime wrote:
I am running the latest Fedora-DS and trying to use nss_ldap. I have
to migrate an older LDAP server onto the Fedora-DS but keep
temporarily the old tree structure for all current LDAP clients. So I
was goint to leave the old search base in /etc/ldap.conf on the client
and just re-direct queries to the new location (on the same server). A
job for referrals, I thought. I'll just put a stub root dc on the new
server and make it point to the new location, like this:
dc=a,dc=y
a referral to the new
dc=a,dc=b
I set this up, ldapsearch shows that it's getting the right referral
(though I can't seem to get ldapsearch follow the the referral?)
However, if I try to do anything involving nss_ldap (which otherwise
works fine), I get this, for example, in syslog:
getent: nss_ldap: could not search LDAP server - Referral
Does nss_ldap not follow referalls? That would make it rather useless
.... Is this a Fedora-DS problem?
--
Philip Kime
------------------------------------------------------------------------
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
