Ok, this is an OpenLDAP newbie question so bear with me. I haven't been able to find a straight answer on the webinets, so here we go:

Note: The ultimate goal is to have an OpenLDAP server set up as a proxy/cache for a "single" query to get all of the results in a master LDAP (if you're familiar with .Net's DirectoryServices dll, the app is just making a FindAll() call on the LDAP).

I have it to the point where the Proxy/Cache is showing the same results as the master (i.e., it is proxying the queries), however it doesn't seem to be caching. I say that because of 2 reasons:

  • If I make an update to an entry in the master LDAP, I immediately see the updated value in the proxy (using an LDAP browser that's pointed to the proxy URL), even before the TTL has expired.
  • If I shut down the master LDAP and make a query to the proxy, I get a connection exception. If I'm not mistaken, I should instead get a cached result (once again, the TTL hasn't expired).

Here's the OpenLDAP config file I'm using for the proxy/cache (on Windows, OpenLDAP v.2.4.23):


    database ldap
    uri "ldap://MyPC"
    suffix "dc=local"
    rootdn "dc=local"
    overlay pcache
    proxycache bdb 1000 3 250 432000
    directory ./cache
    index objectclass eq
    index cn eq,sub
    proxycachequeries 100
    proxyattrset 0 cn certificateRevocationList
    proxytemplate (objectclass=) 0 600


A few things worth noting:

  • I am including "all" of the attributes in the entries in the master LDAP as part of the proxyattrset. I understand this is necessary for an intended query to be cached/serviced. Since I want to cache a FindAll(), I assume this is the way to do it.
  • The consistency check interval is set to 5 days (432000 secs). I want the cache to be able to serve cached queries even when the master server has been down for that long. Also note that the TTL is set to 10 mins (600 secs) - this is because I want the cache queries to be refreshed at least every 10 mins (if the master server is up).

Ok, on to my questions:

  1. Is there a way to quickly configure OpenLDAP to cache ALL queries without having to specify all the attributes in proxyattrset?
  2. Why am I getting a connection error when I kill the master LDAP and I make a query to the proxy within the TTL? Are my queries not being cached? If so, what am I missing in the config file to enable caching?
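
Added example (not part of the original question, and not OpenLDAP's code): a simplified model of the conditions slapo-pcache(5) documents for caching a search, applied to the pcache directives posted above. The function names and sample searches are constructed, attribute names are compared literally, and it assumes a search that names no attributes is treated as a request for `*`.

```python
import re

# The pcache directives as posted in the question above.
CONFIG = """\
proxycache bdb 1000 3 250 432000
proxyattrset 0 cn certificateRevocationList
proxytemplate (objectclass=) 0 600
"""

def parse(text):
    """Decode the positional pcache arguments into named fields."""
    cfg = {"attrsets": {}, "templates": {}}
    for line in text.splitlines():
        tok = line.split()
        if not tok:
            continue
        if tok[0] == "proxycache":
            # proxycache <database> <max_entries> <numattrsets> <entry_limit> <cc_period>
            cfg["backend"] = tok[1]
            (cfg["max_entries"], cfg["num_attrsets"],
             cfg["entry_limit"], cfg["cc_period"]) = map(int, tok[2:6])
        elif tok[0] == "proxyattrset":
            cfg["attrsets"][int(tok[1])] = {a.lower() for a in tok[2:]}
        elif tok[0] == "proxytemplate":
            # proxytemplate <template_string> <attrset_index> <ttl>
            cfg["templates"][tok[1].lower()] = (int(tok[2]), int(tok[3]))
    return cfg

def template_of(ldap_filter):
    """Strip assertion values: (objectClass=*) -> (objectclass=)."""
    return re.sub(r"=[^()]*", "=", ldap_filter).lower()

def cacheable(cfg, ldap_filter, attrs, n_results):
    """Return (ok, reason) for one search under this simplified model."""
    tmpl = cfg["templates"].get(template_of(ldap_filter))
    if tmpl is None:
        return False, "filter matches no proxytemplate"
    attrset = cfg["attrsets"].get(tmpl[0], set())
    # Assumption: a search that names no attributes asks for "*".
    wanted = {a.lower() for a in attrs} or {"*"}
    if not wanted <= attrset:
        return False, "requested attributes not covered by proxyattrset"
    if n_results > cfg["entry_limit"]:
        return False, "result exceeds entry_limit"
    return True, "cacheable for %d s" % tmpl[1]

if __name__ == "__main__":
    cfg = parse(CONFIG)
    for q in [("(objectClass=*)", ["cn"], 100), ("(objectClass=*)", [], 100),
              ("(objectClass=*)", ["cn"], 300), ("(cn=foo)", ["cn"], 1)]:
        print(q, "->", cacheable(cfg, *q))
```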
