Ben Steeves wrote:
Hi Folks,
I'm having a problem that I'm going to go bald trying to solve, it
seems...
I've been tasked with creating a single searchable suffix for two
different trees (dc=one,dc=com and dc=two,dc=com for arguments sake).
The application that needs this suffix doesn't deal with referals, so
my first (and the obvious, I thought) solution won't work.
I delved into the Administrator's Guide and discovered the section on
chained suffixes (ie., Directory Links), and it seems good. The
problem? I can't make it work right.
On a test server, I've set up a "master" suffix, "dc=com", and
created
directory links to "dc=one,dc=com" and "dc=two,dc=com". I've
added
the proxy ACI on the One and Two LDAP directories. When I search the
test server, I can successfully find objects in the One tree, so it's
half working -- but the Two tree doesn't work. I've check and
re-checked and everything appears kosher.
Does the other LDAP server have dc=com
and two sub suffixes
dc=one,dc=com and dc=two,dc=com? Each with their own "real" database?
Am I barking up the wrong tree? Is there an easier way to do this?
Should I give up and take up basket weaving as a nice, harmless job,
and forget systems administration altogether?
It's difficult to say for sure
without reviewing all of your configuration.
Any help or suggestions would be appreciated.