Creating a simple root suffix with 389org consist in 3 passages:
- create a backend database where to save our data;
- create a root suffix pointing to the new db;
- create the ldap entry associated to the root suffix.
These steps are executed by the following ldif.
# create an LDBM database named AddressbookDb
# eventually setting cache to 2G
dn: cn=AddressbookDb,cn=ldbm database,cn=plugins,cn=config
objectclass: extensibleObject
objectclass: nsBackendInstance
nsslapd-cachememsize: 2048576000
nsslapd-suffix: o=db8
# associate the database with an ldap entry
dn: cn="o=db8",cn=mapping tree,cn=config
objectclass: top
objectclass: extensibleObject
objectclass: nsMappingTree
nsslapd-state: backend
nsslapd-backend: Addressbookdb8
cn: "o=db8"
# create the ldap entry
dn: o=db8
objectclass: top
objectclass: organization
o: db8
now you can issue a successful
# ldapsearch -x -b “o=db8” -s base -LLL
You can even create a local database which refers to other servers
for update
# replace state: backend -> state: referral on update
# and point to your referrals
dn: cn="o=db7",cn=mapping tree,cn=config
objectclass: top
objectclass: extensibleObject
objectclass: nsMappingTree
nsslapd-state: referral on update
nsslapd-backend: Addressbookdb7
nsslapd-referral: ldap://ab1.example.com:389/o%3Ddb7
nsslapd-referral: ldap://ab2.example.com:389/o%3Ddb7