LDAP setup with two DIT

0

I have an OpenLDAP server which has a database, say dc=domain1,dc=com.

Now I am trying to add 1 more, dc=domain2,dc=com.

Below are the steps we took to achieve this:

[root@host user]#  service slapd stop
Stopping slapd:                                            [  OK  ]
[root@ host user  ]# slapadd -f /etc/openldap/slapd.conf -l  /tmp/domain2.ldif -S 001 -w
5ccd948f bdb_monitor_db_open: monitoring disabled; configure monitor database to enable
slapadd: line 1: database #1 (dc=domain1,dc=com) not configured to hold "dc=domain2,dc=com"; no database configured for that naming context
_#########             46.62% eta   none elapsed            none spd 935.8 k/s
Closing DB...
[root@ host user  ]#  service slapd start
Starting slapd:                                            [  OK  ]  

Can someone suggest how I can proceed?

Here is my domain2.ldif contents:

dn: dc=domain2,dc=com
changetype: add
objectclass: top
objectclass: organization

dn: dc=mobileauth,dc=domain2,dc=com
changetype: add
objectclass: top
objectclass: dcObject 

Vijayasundhar Nanjundan

Posted 2019-05-06T06:56:09.153

Reputation: 3

Answers

1

Each OpenLDAP backend is attached to a specific "suffix", therefore hosting multiple DITs with different DN suffixes requires multiple backend databases to be configured. For example:

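# Directives start in column 1: slapd.conf treats a line that begins
# with whitespace as a continuation of the previous line.
database mdb
suffix "dc=domain1,dc=com"
directory "/var/lib/openldap/domain1"
# index and other settings...

database mdb
suffix "dc=domain2,dc=com"
directory "/var/lib/openldap/domain2"
# ...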

If you're using cn=config, this corresponds to having multiple 'olcDatabase' entries, for example:

dn: olcDatabase={1}hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDbDirectory: /var/lib/ldap/domain1
olcSuffix: dc=domain1,dc=org
olcVariousOtherStuff...

dn: olcDatabase={2}hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDbDirectory: /var/lib/ldap/domain2
olcSuffix: dc=domain2,dc=org
...

When using slap* commands (slapadd, slapcat, etc.) you need to explicitly select the database (cn=config is #0, so your databases will likely start at #1):

slapcat -n 1
slapcat -n 2

slapcat -b dc=domain1,dc=org
slapcat -b dc=domain2,dc=org

user1686

Posted 2019-05-06T06:56:09.153

Reputation: 283 655

Thanks @grawity. We were able to get some points understood. – Vijayasundhar Nanjundan – 2019-05-06T12:54:25.813
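
A pre-flight check for the situation in this thread, as an added example that is not part of the original question or answer: it reads a slapd.conf, numbers the databases the way the answer describes (cn=config is #0, the others count from 1 in file order), and reports which database number each LDIF entry would land in, or None when no configured suffix covers it. The function names and sample inputs are made up for illustration; DNs with escaped commas and base64 `dn::` lines are not handled.

```python
import re
import shlex

def norm_dn(dn):
    """Lowercase a DN and strip spaces around its RDNs (no escaped-comma support)."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def parse_databases(conf_text):
    """Return [(number, backend, [suffixes])] for each 'database' directive."""
    logical = []  # a line that begins with whitespace continues the previous one
    for raw in conf_text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and logical:
            logical[-1] += " " + raw.strip()
        else:
            logical.append(raw.strip())
    dbs, next_no = [], 1  # assumption: config is always #0, the rest count from 1
    for words in map(shlex.split, logical):
        if words[0].lower() == "database" and len(words) > 1:
            is_config = words[1].lower() == "config"
            dbs.append((0 if is_config else next_no, words[1], []))
            next_no += 0 if is_config else 1
        elif words[0].lower() == "suffix" and dbs:
            dbs[-1][2].extend(norm_dn(s) for s in words[1:])
    return dbs

def database_for(dn, dbs):
    """Number of the database with the longest suffix covering dn, else None."""
    dn = norm_dn(dn)
    hits = [(len(s), no) for no, _backend, sufs in dbs for s in sufs
            if dn == s or dn.endswith("," + s)]
    return max(hits)[1] if hits else None

def preflight(ldif_text, dbs):
    """Map every plain 'dn:' line of an LDIF to its target database number."""
    dns = re.findall(r"^dn:(?!:)[ \t]*(.+?)[ \t]*$", ldif_text, flags=re.M | re.I)
    return {dn: database_for(dn, dbs) for dn in dns}

# Constructed sample inputs, modelled on the question and the answer above.
CONF_ONE = 'database bdb\nsuffix "dc=domain1,dc=com"\n'
CONF_TWO = CONF_ONE + 'database bdb\nsuffix "dc=domain2,dc=com"\n'
LDIF = "dn: dc=domain2,dc=com\n\ndn: dc=mobileauth,dc=domain2,dc=com\n"

if __name__ == "__main__":
    for conf in (CONF_ONE, CONF_TWO):
        print(preflight(LDIF, parse_databases(conf)))
```

A None in the result corresponds to slapadd's "no database configured for that naming context" error; a number is the value to pass to `-n`.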