Directory Proxy Server 6: Data Pools and Data Views

Download DSEE free of charge

This entry shows how to set up the following scenario with Directory Proxy Server 6.

Send requests for ou=People_Pool1 to Servers A and B
Send requests for ou=People_Pool2 to Servers C and D

Thanks to Jay Biddle for the suggestion.

How To Prepare Directory Servers A, B, C, and D

In this example servers A and B are Directory Servers housing the suffix ou=People_Pool1, which contains seven entries, including 3 user entries. See ExamplePool1.ldif.

Directory Servers C and D house the suffix ou=People_Pool2. See ExamplePool2.ldif.

In this example all servers are on the same host. Directory Server A listens for LDAP on port 1389, B on 2389, C on 3389, and D on 4389.

If you want to import the LDIF for either one into your Directory Server, first create the corresponding suffixes on Directory Servers A, B, C, and D, and then import the data from LDIF. See The Version 6 CLI: Getting Started for an example of how to create a suffix and import data from LDIF using the command line.

How to Set Up ou=People_Pool1 and ou=People_Pool2 Data Views

After you have Directory Servers A, B, C, and D are running with the data you imported, you can set up a Directory Proxy Server instance so send searches on ou=People_Pool1 to A and B, and searches on ou=People_Pool2 to C and D.

First, create an instance of Directory Proxy Server, and start the instance.

$ dpadm create  -p 10389 -P 10636 -w /tmp/pwd.txt /export/mcraig/dps
$ dpadm start /export/mcraig/dps
Directory Proxy Server instance '/export/mcraig/dps' started: pid=19431

Second, create LDAP data sources hooked up to servers A, B, C, and D.

$ dpconf create-ldap-data-source -w /tmp/pwd.txt -p 10389 "A" localhost:1389
$ dpconf create-ldap-data-source -w /tmp/pwd.txt -p 10389 "B" localhost:2389
$ dpconf create-ldap-data-source -w /tmp/pwd.txt -p 10389 "C" localhost:3389
$ dpconf create-ldap-data-source -w /tmp/pwd.txt -p 10389 "D" localhost:4389

Third, set up LDAP data source pools to hold the data sources, and set up LDAP data views into the pools.

$ dpconf create-ldap-data-source-pool -w /tmp/pwd.txt -p 10389 "People_Pool1"
$ dpconf create-ldap-data-source-pool -w /tmp/pwd.txt -p 10389 "People_Pool2"
$ dpconf attach-ldap-data-source -w /tmp/pwd.txt -p 10389 "People_Pool1" "A" "B"
$ dpconf attach-ldap-data-source -w /tmp/pwd.txt -p 10389 "People_Pool2" "C" "D"
$ dpconf create-ldap-data-view -w /tmp/pwd.txt -p 10389 "People_Pool1_View" "People_Pool1" ou=People_Pool1
$ dpconf create-ldap-data-view -w /tmp/pwd.txt -p 10389 "People_Pool2_View" "People_Pool2" ou=People_Pool2

Fourth, enable your LDAP data sources for searches (and other operations if you want), and restart Directory Proxy Server.

$ dpconf set-ldap-data-source-prop -w /tmp/pwd.txt -p 10389 "A" is-enabled:true
$ dpconf set-ldap-data-source-prop -w /tmp/pwd.txt -p 10389 "B" is-enabled:true
$ dpconf set-ldap-data-source-prop -w /tmp/pwd.txt -p 10389 "C" is-enabled:true
$ dpconf set-ldap-data-source-prop -w /tmp/pwd.txt -p 10389 "D" is-enabled:true
$ dpconf set-attached-ldap-data-source-prop -w /tmp/pwd.txt -p 10389 "People_Pool1" "A" search-weight:100
$ dpconf set-attached-ldap-data-source-prop -w /tmp/pwd.txt -p 10389 "People_Pool1" "B" search-weight:100
$ dpconf set-attached-ldap-data-source-prop -w /tmp/pwd.txt -p 10389 "People_Pool2" "C" search-weight:100
$ dpconf set-attached-ldap-data-source-prop -w /tmp/pwd.txt -p 10389 "People_Pool2" "D" search-weight:100
$ dpadm restart /export/mcraig/dps
Directory Proxy Server instance '/export/mcraig/dps' stopped
Directory Proxy Server instance '/export/mcraig/dps' started: pid=19494

Finally, search Directory Proxy Server in each pool to ensure that you get the results you expect. Here bcubbins is in People Pool1. yyorgens is in People Pool2

$ ldapsearch -p 10389 -b ou=People_Pool1 uid=bcubbins
version: 1
dn: uid=bcubbins,ou=People,ou=People_Pool1
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: bcubbins
givenName: Bartholomew
sn: Cubbins
cn: Bartholomew Cubbins
mail: bcubbins@example.com
facsimileTelephoneNumber: +1 234 567 8910
$ ldapsearch -p 10389 -b ou=People_Pool2 uid=yyorgens
version: 1
dn: uid=yyorgens,ou=People,ou=People_Pool2
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: yyorgens
givenName: Yolanda
sn: Yorgenson
cn: Yolanda Yorgenson
mail: yyorgens@example.com
secretary: uid=scooper,ou=People,ou=People_Pool2
Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About

Mark Craig writes about Directory Services products and technologies. The views expressed on this blog are my own and do not necessarily reflect the views of Oracle.

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today