To create an LDAP referral either you create a referral entry, or
you add the extensibleObject object class and the
ref attribute with an LDAP URL to an existing entry.
This section demonstrates use of the latter approach.
$ cat referral.ldif dn: ou=People,dc=example,dc=com changetype: modify add: objectClass objectClass: extensibleObject - add: ref ref: ldap://opendj.example.com:2389/ou=People,dc=example,dc=com $ ldapmodify --port 1389 --bindDN "cn=Directory Manager" --bindPassword password --filename referral.ldif Processing MODIFY request for ou=People,dc=example,dc=com MODIFY operation successful for DN ou=People,dc=example,dc=com
The example above adds a referral to
ou=People,dc=example,dc=com. OpenDJ can now return
a referral for operations under the People organizational unit.
$ ldapsearch --port 1389 --baseDN dc=example,dc=com uid=bjensen description
SearchReference(referralURLs=
{ldap://opendj.example.com:2389/ou=People,dc=example,dc=com??sub?})
$ ldapsearch --port 1389 --baseDN dc=example,dc=com ou=people
SearchReference(referralURLs=
{ldap://opendj.example.com:2389/ou=People,dc=example,dc=com??sub?})To access the entry instead of the referral, use the Manage DSAIT control.
$ ldapsearch --port 1389 --baseDN dc=example,dc=com --control ManageDSAIT:true ou=people ref dn: ou=People,dc=example,dc=com ref: ldap://opendj.example.com:2389/ou=People,dc=example,dc=com $ cat people.ldif dn: ou=People,dc=example,dc=com changetype: modify delete: ref ref: ldap://opendj.example.com:2389/ou=People,dc=example,dc=com $ ldapmodify --port 1389 --bindDN "cn=Directory Manager" --bindPassword password --filename people.ldif Processing MODIFY request for ou=People,dc=example,dc=com MODIFY operation successful for DN ou=People,dc=example,dc=com A referral entry ou=People,dc=example,dc=com indicates that the operation must be processed at a different server [ldap://opendj.example.com:2389/ou=People,dc=example,dc=com] $ ldapmodify --port 1389 --bindDN "cn=Directory Manager" --bindPassword password --control ManageDSAIT --filename people.ldif Processing MODIFY request for ou=People,dc=example,dc=com MODIFY operation successful for DN ou=People,dc=example,dc=com $ ldapsearch --port 1389 --baseDN dc=example,dc=com ou=people dn: ou=People,dc=example,dc=com ou: People objectClass: organizationalunit objectClass: extensibleObject objectClass: top
The example above shows how to remove the referral using the Manage DSAIT control with the ldapmodify command.
