0

I have an open ldap server, slapd, serving two DITs

  • first is a completely local tree, ou=People,dc=local,dc=company,dc=org because we have some external users in our department
  • second is a translucent overlay to the company's ldap ou=People,dc=company,dc=org with lots of additional local attributes

I have the completely local subtree because translucent overlay can create local entries with no parent, but then you can't access it except with slapcat (or a method I did not figure out yet).

This is completely functional BUT now, when searching for a user I would have to send two different searches, first with

ldapsearch -b ou=People,dc=local,dc=company,dc=org uid=user1

and second

ldapsearch -b ou=People,dc=company,dc=org uid=user1

in case the first search did not find anything.

Would it be possible to configure the server in a way that both trees are searched at once? Does any existent overlay give me this functionality, and if yes: how???

By the way: the uid is unique to both trees.

frank
  • 1

1 Answers1

0

You might want to read on how to glue databases together under a common suffix with the subordinate keyword.

Michael Ströder
  • 974
  • 5
  • 9