3.4.4.2. Creating Suffix Referrals from the Command Line

Add a suffix referral to the root or sub suffix entry in the directory configuration file under the cn=mapping tree,cn=config branch.
  1. Run ldapmodify.[2] For example:
    ldapmodify -a -h example.com -p 389 -D "cn=directory manager" -w secret
    The ldapmodify utility binds to the server and prepares it to add information to the configuration file.
  2. Add a suffix referral to the ou=people,dc=example,dc=com root suffix, as follows:
    dn: cn=ou=people,dc=example,dc=com,cn=mapping tree,cn=config
    objectclass: extensibleObject
    objectclasss: nsmappingtree
    nsslapd-state: referral
    nsslapd-referral: ldap://zanzibar.com/
    The nsslapd-state attribute is set to referral, meaning that a referral is returned for requests made to this suffix. The nsslapd-referral attribute contains the LDAP URL of the referral returned by the suffix, in this case a referral to the zanzibar.com server.
    The nsslapd-state attribute can also be set to referral on update. This means that the database is used for all operations except update requests. When a client application makes an update request to a suffix set to referral on update, the client receives a referral.
For more information about the suffix configuration attributes, refer to Table 3.1, “Suffix Attributes”.