[Date Prev][Date Next]
Re: (ITS#6514) bindDN-rewriting with rwm+relay doesn't seem to work
> Full_Name: Thomas Wunder
> Version: 2.4.17
> OS: debian sqeueeze amd64
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (22.214.171.124)
I don't see a clear evidence of a bug. Software usage questions must be
directed to the openldap-software list. Moreover, I just tried your
verbatim configuration with the most recent code (while you're using an
older release), and it seems to work as expected. This ITS will be
> I'm currently using the rwm overlay to filter the objects from my
> ou=students,dc=uni-bamberg,dc=de directory by their "o"-attribute and
> the result to ou=students,ou=people,ou=swt,ou=wiai,dc=uni-bamberg,dc=de
> Therefore I use the following section within my slapd.conf (before the
> hdb..." section):
> database relay
> overlay rwm
> #rwm-rewriteEngine on
> rwm-rewriteContext bindDN
> rwm-rewriteRule ".*" "cn=ldapadmin,dc=uni-bamberg,dc=de" ":@"
> rwm-rewriteContext searchFilter
> rwm-rewriteRule "(.*)" "(&(o=swt)$1)" ":@I"
> searchFilter rewriting works perfectly but I also need to rewrite the
> bindDN as
> every operation within ou=students,dc=uni-bamberg,dc=de needs to be
> carried out
> by a particular user (cn=ldapadmin,dc=uni-bamberg,dc=de)
> (the reason is that i don't want any user other than ldapadmin to be able
> write ou=students,dc=uni-bamberg,dc=de but they should be able to modifiy
> entries within ou=students,ou=people,ou=swt,ou=wiai,dc=uni-bamberg,dc=de)
> according to the logs and the error reply messages there seems to be no
> rewriting done...
> It looks like the rule never matches.
> Is my rule not general enough to match each possible bindDN-String? Is
> "cn=ldapadmin,dc=uni-bamberg,dc=de" (replacement string for the bindDN)
> not well
> formatted (does it expect something else)? Does the overlay "relay"
> prevent the
> replacement of the bindDN?
> As you can see I don't have any idea what might be causing my problem and
> I hope
> you can help me.