
Problem with back-ldap and slapo-rwm



Dear list!

We are trying something we thought should be simple:

We have got

Server A: Holds an LDAP database
Server B: Is supposed to act as a proxy to A

Both are OpenLDAP, A is 2.2; B is 2.4.

What we want to achieve is that server B will just proxy everything from server A, except that some attribute names shall be rewritten, i.e. B is queried for a different attribute name than the actual name on A.

Here is what we did:

database        ldap
suffix          "o=world"
uri             "ldap://ldap.our.tld/"
overlay rwm
rwm-map attribute authzTo saslAuthzTo

The problem with that setup is that it will crash server B.

In some example we found something like this:

database        ldap
suffix          "o=world"
uri             "ldap://ldap.our.tld/"
overlay rwm
rwm-map attribute authzTo saslAuthzTo
rwm-map attribute *

So as soon as we add that wildcard line, slapd (on server B) will no longer crash, but unfortunately, it is not going to find anything anymore.

Could anyone help out with an example?

Regards,
Torsten
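
Added example, not part of the original post and not slapd code: a simplified Python model of the `rwm-map attribute` rules as slapo-rwm(5) states them, applied to the map lines from the second configuration. It shows that the lone wildcard line removes every attribute without an explicit mapping, while the form `rwm-map attribute * *` preserves them. The function names and the sample entry are assumptions made for illustration.

```python
# Simplified model of slapo-rwm attribute mapping (foreign -> local), written
# from the rules in slapo-rwm(5). It is not slapd code.

def parse_maps(config):
    """Return (explicit, keep_unmapped) from 'rwm-map attribute' lines."""
    explicit = {}         # lowercased foreign name -> local name, None = removed
    keep_unmapped = True  # no wildcard rule: unmapped names are preserved
    for line in config.splitlines():
        tok = line.split()
        if tok[:2] != ["rwm-map", "attribute"]:
            continue
        args = tok[2:]
        if args == ["*", "*"]:
            keep_unmapped = True       # both '*': unmapped names preserved
        elif args == ["*"]:
            keep_unmapped = False      # local omitted, foreign '*': removed
        elif len(args) == 1:
            explicit[args[0].lower()] = None   # local omitted: name removed
        elif len(args) == 2:
            local, foreign = args
            if foreign == "*":
                foreign = local        # '*' on one side: name is preserved
            if local == "*":
                local = foreign
            explicit[foreign.lower()] = local
    return explicit, keep_unmapped

def to_local(entry, config):
    """Rename or drop the attributes of an entry returned by the remote server."""
    explicit, keep_unmapped = parse_maps(config)
    out = {}
    for name, values in entry.items():
        if name.lower() in explicit:
            if explicit[name.lower()] is not None:
                out[explicit[name.lower()]] = values
        elif keep_unmapped:
            out[name] = values
    return out

# Constructed sample entry as server A might return it (not from the post).
ENTRY = {"objectClass": ["inetOrgPerson"], "uid": ["jdoe"],
         "cn": ["J Doe"], "saslAuthzTo": ["dn:uid=svc,o=world"]}
POSTED = "rwm-map attribute authzTo saslAuthzTo\nrwm-map attribute *"
PRESERVING = "rwm-map attribute authzTo saslAuthzTo\nrwm-map attribute * *"

if __name__ == "__main__":
    print(to_local(ENTRY, POSTED))      # only the explicitly mapped attribute
    print(to_local(ENTRY, PRESERVING))  # all attributes, one renamed
```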