Red Hat Directory Server 8.0 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Red Hat Directory Server Software

121

122

123

124

125

126

127

128

129

130

2. Then specify the configuration information for the database link, DBLink1, on server one, as

follows:

dn: cn=DBLink1,cn=chaining database,cn=plugins,cn=config

objectclass: top

objectclass: extensibleObject

objectclass: nsBackendInstance

nsslapd-suffix: c=africa,ou=people,dc=example,dc=com

nsfarmserverurl: ldap://africa.example.com:389/

nsmultiplexorbinddn: cn=server1 proxy admin,cn=config

nsmultiplexorcredentials: secret

cn: DBLink1

nsCheckLocalACI:off

dn: cn="c=africa,ou=people,dc=example,dc=com",cn=mapping tree,cn=config

objectclass=nsMappingTree

nsslapd-state=backend

nsslapd-backend=DBLink1

nsslapd-parent-suffix: ou=people,dc=example,dc=com

cn: c=africa,ou=people,dc=example,dc=com

The first section creates the entry associated with DBLink1. The second section creates a

new suffix, allowing the server to direct requests made to the database link to the correct

server. The nsCheckLocalACI attribute does not need to be configured to check local ACIs,

as this is only required on the database link, DBLink2, on server two.

3. To implement loop detection, to specify the OID of the loop detection control in the

nsTransmittedControl attribute stored in cn=config,cn=chaining

database,cn=plugins,cn=config entry on server one.

dn: cn=config,cn=chaining database,cn=plugins,cn=config

changeType: modify

add: nsTransmittedControl

nsTransmittedControl: 1.3.6.1.4.1.1466.29539.12

As the nsTransmittedControl attribute is usually configured by default with the loop

detection control OID 1.3.6.1.4.1.1466.29539.12 value, it is wise to check beforehand

whether it already exists. If it does exist, this step is not necessary.

3.7.7.2. Configuring Server Two

1. Create a proxy administrative user on server two. This administrative user will be used to

allow server one to bind and authenticate to server two. It is useful to choose a proxy

administrative user name which is specific to server one, as it is the proxy administrative user

which will allow server one to bind to server two. Create the proxy administrative user, as

follows:

dn: cn=server1 proxy admin,cn=config

Chapter 3. Configuring Directory Databases

102