[Date Prev][Date Next]
RE: mapping one part of the DIT to another?
> I'm currently working with openldap to replace a
> another propreitary ldap system. The problem is that I
> can't replace the client software as well, and the
> client has some queries that are hard coded.
> The client tries to verify the user by looking in
> cn=jdoe,ou=users,dc=company,dc=com. We use
> So, what I would like to do is take the client request
> and process it as if it were really looking at the
> Can this be done?
> Can someone please give me some guidance?
You already seem to be on the right track because you're using back-ldap.
Take a look at the rewrite engine that's in back-ldap (man slapd-ldap, man
slapd-meta). Use it to rewrite the DNs for search requests and search
results. Other dn-syntax attributes can be rewritten as well. For a rewrite
as simple as this you may be able to get away with the suffixmassage
directive instead of using rewrite* directives.
Hope this helps...
Packaged, certified, and supported LDAP distributions
powered by OpenLDAP: http://www.symas.com