I have an LDAP service running on an Ubuntu server. I use webmin to administer the LDAP service for the base DN mydomain.net. Is it possible to run LDAP on multiple domains? Like, I want to create one more different root domain, mydomain2.com, along with mydomain.net in LDAP. Please share ideas if anybody has any.

Thanks!

user53864

2 Answers

2

What, specifically, are you trying to do?

If you want to create a second LDAP tree you need a higher level root - You can base your tree at o=MyCompany, and have two Domain-Component trees under it (dc=mydomain2,dc=com,o=MyCompany & dc=mydomain,dc=net,o=MyCompany).
If you want to be pedantic (and if LDAP allows it), you can root your tree at dc=. as well, in true DNS fashion.

If you just want to have two systems authenticate against the same LDAP data, I wouldn't worry so much about the name. If you want to worry about it, consider using an LDAP Referral if all your systems support it...

voretaq7
  • Thanks for the answer and for the link! I'm not much good at LDAP, so I'm using webmin only for LDAP instead of using LDAP commands. I want to configure LDAP with 2 different root domains so that I can use them for authentication. There was an option in webmin which says `Tree`, but when I try to create `mydomain2.com` it says `Failed... no proper global knowledge`. – user53864 Aug 02 '11 at 02:21
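An added example, not part of the question or of either answer: slapd answers "no global superior knowledge" when asked to add an entry whose DN falls under none of the suffixes it serves, which is the situation webmin ran into above when `dc=mydomain2,dc=com` was created under a server that only knows `dc=mydomain,dc=net`. Besides the common-root layout suggested in the answer, OpenLDAP can serve a second, fully independent root domain from the same slapd by defining a second database with its own suffix. The LDIF below does that for the cn=config layout Ubuntu's slapd package uses. The database index `{2}`, the directory path, the admin DN and the password placeholder are assumptions to adjust for your server; the existing `dc=mydomain,dc=net` database is assumed to be `{1}` and the mdb backend is assumed to be loaded (Ubuntu's default; older releases used hdb, for which the object class is `olcHdbConfig`).

```ldif
# Added example: a second, independent suffix on the same slapd (OpenLDAP cn=config).
# Assumptions: the existing dc=mydomain,dc=net database is {1}, back_mdb is loaded,
# and /var/lib/ldap/mydomain2.com already exists and is owned by the openldap user.
#
# File 1 (second-suffix.ldif), loaded as the local root over the ldapi socket:
#   ldapadd -Y EXTERNAL -H ldapi:/// -f second-suffix.ldif
dn: olcDatabase={2}mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {2}mdb
olcSuffix: dc=mydomain2,dc=com
olcDbDirectory: /var/lib/ldap/mydomain2.com
# Optional: raise the mdb map size above its small default (bytes).
olcDbMaxSize: 1073741824
# This rootdn is authoritative only inside THIS database; it has no power over
# dc=mydomain,dc=net, and vice versa.
olcRootDN: cn=admin,dc=mydomain2,dc=com
# Never put a cleartext password here; paste the hash printed by: slappasswd
olcRootPW: {SSHA}REPLACE_WITH_OUTPUT_OF_slappasswd
olcDbIndex: objectClass eq
olcDbIndex: uid eq
# Password attributes: owner may change them, anyone may bind against them,
# nobody else may read them. Everything else is readable (see note below).
olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by anonymous auth by * none
olcAccess: {1}to * by * read

# File 2 (mydomain2-root.ldif), loaded over the normal port as the new rootdn,
# which now is inside a configured suffix so the "global superior" error is gone:
#   ldapadd -x -H ldap://localhost -D cn=admin,dc=mydomain2,dc=com -W -f mydomain2-root.ldif
dn: dc=mydomain2,dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
o: mydomain2
dc: mydomain2
```

Check the result with `ldapsearch -x -H ldap://localhost -b '' -s base namingContexts`, which should now list both suffixes. Two things a practitioner should weigh: access control lists are evaluated per database, so accounts under one domain get no access to the other tree unless you add rules granting it, and `to * by * read` leaves account names and group memberships readable anonymously, the same exposure the default Ubuntu configuration has; if every client binds before searching, `by users read by * none` closes that.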
0

Reviving this to help out others. Zytrax demonstrates how to maintain one LDAP directory (DIT) across multiple servers/domains using syncrepl.

http://www.zytrax.com/books/ldap/ch7/index.html#ol-syncrepl-rap-slapd

Replication features allow LDAP DIT updates to be copied to one or more LDAP systems for backup and/or performance reasons. In this context it is worth emphasizing that replication operates at the DIT level not the LDAP server level. Thus, in a single server running multiple DITs each DIT may be replicated to a different server. Replication occurs periodically within what this guide calls the replication cycle time.


I'm interested in seeing if anyone has documentation on how to have multiple domains point to a single LDAP server for binding authentication, instead of synchronizing multiple servers.

For example, connecting to dev.example.com would authenticate against an LDAP DIT in auth.example.com, allowing the user to be authenticated within dev.example.com.

Aug
  • Welcome to Server Fault! Your answer currently does not seem to provide a workable solution to the question and might be more appropriate as a question. Please read [How do I write a good answer?](http://serverfault.com/help/how-to-answer) and [How do I ask a good question?](http://serverfault.com/help/how-to-ask) And don't forget to take the [site tour](http://serverfault.com/tour). – Paul Sep 03 '16 at 02:16