Editing entries returned to back-ldap/meta

[Stephen Brandon <stephen@brandonitconsulting.co.uk>]

Hi,

After successfully prototyping a backend based on back-perl, I am attempting 
to recreate it in a more configurable way with back-ldap or back-meta.

My backend forwarded queries on to another LDAP server, then dynamically 
re-wrote some of the attributes. Easy in perl, but because perl-back has 
mutex locks around it, it all ends up single threaded :-(

As well as re-writing attributes (simple substitution editing), it creates 
some new attributes on the fly, such as a unix UID (calculated from a login 
name's ascii value), and a home account location, which the main LDAP server 
does not have in its schema.

In back-ldap/meta however, it's not quite as simple as I had hoped. For a 
start, only "dn-like" attributes can be edited with the regex support (I can 
kludge this though). But more importantly, there's no easy way to add *new* 
attributes.

Could I ask if anyone has any good ideas for where/how to do this?

- I guess I am going to have to learn how to read/write BERs, then append the 
new attributes in BER form to the end of the BER structure returned from the 
other server. Is it possible to simply add new attributes in this way?

- or is there some other less kludgy way to achieve the same thing?

Many thanks for any hints and ideas anyone can give.

Cheers,
Stephen Brandon
Brandon IT Consulting