There's almost no information about how Chain overlays are configured in OpenLDAP LDIF backend. What's the minimal configuration required?
OpenLDAP 2.4 Chain Overlay Minimal LDIF Configuration
configurationopenldap
configurationopenldap
There's almost no information about how Chain overlays are configured in OpenLDAP LDIF backend. What's the minimal configuration required?
Best Answer
The only way to work this out is by converting an old style configuration file into LDIF style. This show's quite a complex structure which isn't well documented.
The structure creates LDAP database entries in the frontend to intercept referrer responses.
To complicate matters, a schema validation conflicts with OpenLDAP's own configuration requirements (olcDbURI can not be used in the first entry). To work around this, the offline/direct modification must be made but remember that editing the LDIF directly with a text editor is strongly discouraged - See Working with OpenLDAP 2.4 LDIF config backend
If you're on Ubuntu/Debian, ensure you load the
back_ldap
module - OpenLDAP Chain not foundCreate "chainoverlay.ldif":
As root, import indirectly:
Create "defaultldap.ldif":
Import defaultldap.ldif offline (This is to work around schema validation):
Fix a weird entry and perms:
Start slapd:
Create a chain intercept configuration - chainedserver.ldif: