[Fedora-directory-users] Search w/ empty base dn
Richard Megginson
rmeggins at redhat.com
Fri Feb 10 19:05:52 UTC 2006
Glenn W. Bach wrote:
>>> I'm replacing an ldap server with Fedora Directory. The old one
>>> allows searches with
>>> the base dn empty. Is there a way to allow searches with a blank
>>> base dn in Fedora
>>> Directory?
>>
>
>> I'm assuming you mean the ability to perform a subtree search with a
>> base dn of "". No,
>> you cannot do this with Fedora DS. What is your old directory server?
>> Does it do this
>> by default or do you have to configure it to do so?
>
>
> Yes, -b ''
>
> We are actually replacing an Exchange 5.5 system that is pretending to
> be an ldap server.
> The unfortunate thing is that hundreds of users have their base dn
> blank, which is
> something Exchange can apparently deal with. I am not sure if it had
> to be specifically configured to allow this.
No, that explains it.
>
> So the bottom line sounds like we need to touch several hundred
> desktops if we want to transition away from Exchange. Sigh...
Perhaps not. OpenLDAP has the ability to act as an LDAP proxy and
rewrite the base DN. I'm not sure how to do this, but probably someone
on the openldap lists would know.
Alternately, you could write a plug-in (datainterop) that maps incoming
requests for base "" and sub scope to your real suffix.
>
> Thanks.
>
> Glenn
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20060210/34c72234/attachment.bin>
More information about the Fedora-directory-users
mailing list