[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#5760) attribute hiding in rwm overlay
Full_Name: Brett Maxfield
Version: 2.4.12 release
OS: Solaris 5.10
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (203.18.108.167)
There is a bug that stops rwm-map being used to hide attributes, eg :
database ldap
suffix "c=AU"
uri "ldap://<parent ip>:<parent port>/c=AU"
overlay rwm
lastmod off
# attribute maps (ok except for final "rwm-map attribute *" map)
rwm-map attribute cn *
rwm-map attribute sn *
rwm-map attribute mail *
rwm-map attribute c *
rwm-map attribute o *
rwm-map attribute ou *
# does not like this, it stops any entries being returned
#rwm-map attribute *
# objectclass maps (ok)
rwm-map objectclass top *
rwm-map objectclass country *
rwm-map objectclass organization *
rwm-map objectclass organizationalRole *
rwm-map objectclass organizationalPerson *
rwm-map objectclass organizationalUnit *
rwm-map objectclass *
Comment from the openlda-software list..
> I am trying to setup a ldap backend which is a filtered view of
> another larger parent directory, with respect to exposing fewer object
> classes and attributes.
>
> The intent is to present a simpler view of the larger directory, and
> the config below works, except for when i uncomment the line
> containing "rwm-map attribute *", to hide the attributes i do not want
> visible, but after that it stops returning any entries at all for any
> query. So may be there is some important openldap attribute i am
> nuking ?
Yes, I fear that's hiding the objectClass attribute, which is required for
internal operations. On the other hand, you can't simply tell back-ldap to
preserve that attribute, because mapping objectClass is not allowed. I suggest
you file an ITS so that this problem can be fixed.
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team