OpenLDAP Meta Database Root Naming Context No Candidates


I built an OpenLDAP meta database to aggregate my different Active Directory domains for applications. If I search the individual paths (see configuration below) then I get results. But, when I search the base, and specifically have scope set to base, I get an error saying no naming context available. Below is my configuration for the database.

```
# Global options
conn_max_pending 1000
sockbuf_max_incoming 4194303
loglevel 0
sizelimit unlimited
pidfile         /var/run/openldap/slapd.pid
argsfile        /var/run/openldap/slapd.args

# LDAP Meta Configuration
database meta
suffix "dc=openldap,dc=local"
rootdn "cn=admin,dc=openldap,dc=local"
rootpw "<removed>"

# Target 1: ou=hunt,... in the virtual tree maps to dc=hunt,dc=local on ad_server_1
uri "ldap://ad_server_1:389/ou=hunt,dc=openldap,dc=local"
lastmod off
readonly yes
rebind-as-user true
idassert-bind bindmethod=simple
              binddn="CN=OVD Service Account,OU=UnManaged,DC=hunt,DC=local"
              credentials="!QAZ2wsx#EDC"
              mode=none
suffixmassage "ou=hunt,dc=openldap,dc=local" "dc=hunt,dc=local"
map attribute uid sAMAccountName

# Target 2: ou=hatsec,... in the virtual tree maps to dc=hatsec,dc=me on ad_server_2
uri "ldap://ad_server_2:389/ou=hatsec,dc=openldap,dc=local"
lastmod off
readonly yes
rebind-as-user true
idassert-bind bindmethod=simple
              binddn="CN=OVD Service Account,OU=UnManaged,DC=hatsec,DC=me"
              credentials="!QAZ2wsx"
              mode=none
suffixmassage "ou=hatsec,dc=openldap,dc=local" "dc=hatsec,dc=me"
map attribute uid userPrincipalName
```

When I run the search below, you can see the error / response I get. How do I add a naming context so I can direct to the virtual entries in the directory, so my application can search / discover them (I am getting an error with this)?

```
ldapsearch -H ldap://openldap.hunt.local:389 -D "cn=admin,dc=openldap,dc=local" -W -b "dc=openldap,dc=local" -s base "objectclass=*"
# extended LDIF
#
# LDAPv3
# base <dc=openldap,dc=local> with scope baseObject
# filter: objectclass=*
# requesting: ALL
#

# search result
search: 2
result: 32 No such object
matchedDN: dc=openldap,dc=local
text: Unable to select valid candidates

# numResponses: 1
```

Appreciate any help you can give on this.

Thanks Nick
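
Why the base-scope search on the root finds no candidates while searches on the individual paths work, shown as a simplified model of back-meta target selection. This is an added example, not part of the original post or OpenLDAP's own code: the selection rules in `candidates` are an assumption about how slapd picks targets, and the target names and suffixes are copied from the configuration in the post.

```python
# Simplified model (assumption) of how back-meta selects targets by search base and scope.
# Target naming contexts are the virtual suffixes from the two uri lines in the post.
TARGETS = {
    "ad_server_1": "ou=hunt,dc=openldap,dc=local",
    "ad_server_2": "ou=hatsec,dc=openldap,dc=local",
}

def norm(dn):
    """Split a DN into lower-cased RDNs; enough for these DNs (no escaped commas)."""
    return [rdn.strip().lower() for rdn in dn.split(",") if rdn.strip()]

def is_under(dn, ancestor):
    """True if dn equals ancestor or lies below it in the tree."""
    d, a = norm(dn), norm(ancestor)
    return len(d) >= len(a) and d[len(d) - len(a):] == a

def candidates(base, scope):
    """Return the targets a search with this base and scope can be sent to."""
    picked = []
    for name, suffix in TARGETS.items():
        if is_under(base, suffix):
            picked.append(name)      # base lies inside the target: any scope works
        elif scope == "sub" and is_under(suffix, base):
            picked.append(name)      # target hangs somewhere below the base
        elif scope == "one" and norm(suffix)[1:] == norm(base):
            picked.append(name)      # target suffix is a direct child of the base
        # scope "base" above every target: no target holds that entry itself
    return picked

def search_result(base, scope):
    """Map the selection to the outcome seen in the ldapsearch output."""
    picked = candidates(base, scope)
    if not picked:
        return "32 No such object"   # "Unable to select valid candidates"
    return "forwarded to " + ", ".join(picked)

if __name__ == "__main__":
    root = "dc=openldap,dc=local"
    for scope in ("base", "one", "sub"):
        print(f"{root} scope={scope}: {search_result(root, scope)}")
    hunt = "ou=hunt,dc=openldap,dc=local"
    print(f"{hunt} scope=base: {search_result(hunt, 'base')}")
```

In this model the root `dc=openldap,dc=local` exists only as the common parent of the two target suffixes, so a base-scope read of it has nowhere to go, while one-level and subtree searches from the same base reach both targets.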
