[Date Prev][Date Next] [Chronological] [Thread] [Top]

ldap backend problem


I am trying to setup a ldap backend which is a filtered view of another larger parent directory, with respect to exposing fewer object classes and attributes.

The intent is to present a simpler view of the larger directory, and the config below works, except for when i uncomment the line containing "rwm-map attribute *", to hide the attributes i do not want visible, but after that it stops returning any entries at all for any query. So may be there is some important openldap attribute i am nuking ?

I'd appreciate any opinions / feedback on the config below, and if people have used rwm-map sucessfully ?

The docs on the ldap/meta/etc., backends are somewhat sparse to say the least, but i believe the below should in theory work.


The structure of the parent directory is :

    o=My Org 1
        ou=My Unit 1
    o=My Org 2
        ou=My Unit 2

Config is :

database        ldap
suffix          "c=AU"
uri             "ldap://<parent ip>:<parent port>/"
overlay         rwm
lastmod         off

# attribute maps (ok except for final "rwm-map attribute *" map)
rwm-map attribute cn *
rwm-map attribute sn *
rwm-map attribute mail *
rwm-map attribute c *
rwm-map attribute o *
rwm-map attribute ou *

# does not like this, it stops any entries being returned
#rwm-map attribute *

# objectclass maps (ok)
rwm-map objectclass top *
rwm-map objectclass country *
rwm-map objectclass organization *
rwm-map objectclass organizationalRole *
rwm-map objectclass organizationalPerson *
rwm-map objectclass organizationalUnit *
rwm-map objectclass *