Chapter 3. Configuring Directory Databases

2.Then specify the configuration information for the database link, DBLink1, on server one, as follows:

dn: cn=DBLink1,cn=chaining database,cn=plugins,cn=config

objectclass: top

objectclass: extensibleObject

objectclass: nsBackendInstance

nsslapd-suffix: c=africa,ou=people,dc=example,dc=com

nsfarmserverurl: ldap://africa.example.com:389/

nsmultiplexorbinddn: cn=server1 proxy admin,cn=config

nsmultiplexorcredentials: secret

cn: DBLink1 nsCheckLocalACI:off

dn: cn="c=africa,ou=people,dc=example,dc=com",cn=mapping tree,cn=config objectclass=nsMappingTree

nsslapd-state=backend nsslapd-backend=DBLink1 nsslapd-parent-suffix: ou=people,dc=example,dc=com cn: c=africa,ou=people,dc=example,dc=com

The first section creates the entry associated with DBLink1. The second section creates a new suffix, allowing the server to direct requests made to the database link to the correct server. The nsCheckLocalACI attribute does not need to be configured to check local ACIs, as this is only required on the database link, DBLink2, on server two.

3.To implement loop detection, to specify the OID of the loop detection control in the nsTransmittedControl attribute stored in cn=config,cn=chaining database,cn=plugins,cn=config entry on server one.

dn: cn=config,cn=chaining database,cn=plugins,cn=config

changeType: modify

add: nsTransmittedControl

nsTransmittedControl: 1.3.6.1.4.1.1466.29539.12

As the nsTransmittedControl attribute is usually configured by default with the loop detection control OID 1.3.6.1.4.1.1466.29539.12 value, it is wise to check beforehand whether it already exists. If it does exist, this step is not necessary.

3.7.7.2. Configuring Server Two

1.Create a proxy administrative user on server two. This administrative user will be used to allow server one to bind and authenticate to server two. It is useful to choose a proxy administrative user name which is specific to server one, as it is the proxy administrative user which will allow server one to bind to server two. Create the proxy administrative user, as follows:

dn: cn=server1 proxy admin,cn=config

102

Page 122
Image 122
HP UX Red Hat Direry Server Software manual Configuring Server Two, 102