FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Directory

LinkBack Thread Tools
Old 06-15-2011, 03:30 PM
Rich Megginson
Default ldap proxy and entry-based chaining: writing a plugin?

On 06/15/2011 09:27 AM, Roberto Polli wrote:
> Hi all, just a question.
> Does 389 provide a proxy functionality that can be used to identify
> immediately the right server to match?
> In case it's not supported, is it possible to develop a 389 plugin to manage
> it? Once developed, are you interested in merge that feature in the 389
> upstream?
> Imagine the following configuration:
> U - user
> P - ldap proxy with two chained server:
> * R1- real server 1
> * R2 - real server 2
> Actually when U issue a search, on P forwards it on both the chained server.
> I'd like to know if there's a plugin or some sort of dynamic configuration
> that can be used to redirect the search directly on the right server using
> some further information provided (eg. regex& co).
There is no plugin that can do this. The directory server has what's
called an Entry Distribution plugin API. This gives the plugin the
ability to determine which backend to send an operation to. If the
backend is a chaining backend, then this allows the plugin to determine
which ldap server to send the operation to. Replication chain-on-update
uses this feature to send search requests to the local backend and
update requests to a master. There are some sample plugins in the
source code.
> Here's a standard use case.
> 1- DIT:
> o=company, ou=italy, { dc=domain1.it, dc=domain2.it, dc=domain3.it}
> o=company, ou=france, { dc=domain1.fr, dc=domain2.fr, dc=domain3.fr}
> 2- Each county is managed by one cluster. The proxy is configured with two
> dblink/chain:
> ou=italy ->cluster1
> ou=france->cluster2
> 3- the search is done on the proxy using one attribute "mail=user@domain1.it"
> 4- I'd like that all domain matching .it$ are searched first on cluster1, and
> conversely if matching .fr$ on cluster2
> Obviously if you're interested I'll clarify.
> Peace,
> R.

389 users mailing list

Thread Tools

All times are GMT. The time now is 02:38 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org