[Fedora-directory-users] Referrals break everything ...
George Holbert
gholbert at broadcom.com
Thu Jun 29 17:39:46 UTC 2006
Two things to check:
1. Make sure nss_ldap is configured to follow referrals. Not sure if
you're using Sun's or PADL's (Linux) nss_ldap, but each have an option
for this.
Sun (in /var/ldap/ldap_client_file):
NS_LDAP_SEARCH_REF= TRUE
PADL (usually in /etc/ldap.conf):
referrals yes
2. Make sure that the bind DN you're using to bind to the first
directory server also exists on the second (referral target) directory
server, and has the same password.
There may be something else going on, but check these two first.
Philip Kime wrote:
> I am running the latest Fedora-DS and trying to use nss_ldap. I have
> to migrate an older LDAP server onto the Fedora-DS but keep
> temporarily the old tree structure for all current LDAP clients. So I
> was goint to leave the old search base in /etc/ldap.conf on the client
> and just re-direct queries to the new location (on the same server). A
> job for referrals, I thought. I'll just put a stub root dc on the new
> server and make it point to the new location, like this:
>
> dc=a,dc=y
>
> a referral to the new
>
> dc=a,dc=b
>
> I set this up, ldapsearch shows that it's getting the right referral
> (though I can't seem to get ldapsearch follow the the referral?)
>
> However, if I try to do anything involving nss_ldap (which otherwise
> works fine), I get this, for example, in syslog:
>
> getent: nss_ldap: could not search LDAP server - Referral
>
> Does nss_ldap not follow referalls? That would make it rather useless
> .... Is this a Fedora-DS problem?
>
> --
> Philip Kime
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
More information about the Fedora-directory-users
mailing list