[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: rwm overlay

To: BÖSCH Christian <boesch@fhv.at>, "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Subject: Re: rwm overlay
From: Michael Ströder <michael@stroeder.com>
Date: Wed, 25 Nov 2015 13:53:52 +0100
In-reply-to: <32F8E258-0AA4-42C2-A1E3-5754D9980472@fhv.at>
References: <32F8E258-0AA4-42C2-A1E3-5754D9980472@fhv.at>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 SeaMonkey/2.39

BÖSCH Christian wrote:
> I configured rwm overlay like the example in the man page to allow
> binds with the email address.
> 
> dn: olcOverlay={0}rwm,olcDatabase={-1}frontend,cn=config
> objectClass: olcOverlayConfig
> objectClass: olcRwmConfig
> olcOverlay: {0}rwm
> olcRwmRewrite: {0}rwm-rewriteEngine "on"
> olcRwmRewrite: {1}rwm-rewriteMap "ldap" "attr2dn" "ldap://localhost/dc=abcd,dc
>  =net?dn?sub"
> olcRwmRewrite: {2}rwm-rewriteContext "bindDN"
> olcRwmRewrite: {3}rwm-rewriteRule "^mail=[^,]+@[^,]+$" "${attr2dn($0)}" ":@I"
> olcRwmTFSupport: false
> olcRwmNormalizeMapped: FALSE
> 
> But I get the error message the the DN is invalid:
> 
> ldapsearch -x -D "cb@abcd.net" -W -b 'dc=abcd,dc=net' -H ldap://openldap1.abcd.net/ 'uid=cb' 
> Enter LDAP Password: 
> ldap_bind: Invalid DN syntax (34)
> 	additional info: invalid DN
> 
> Is there something missing or wrong?

You still have to use a (pseudo) DN when sending the simple bind request.

With your rewriting rule it should be "mail=cb@abcd.net".
I did not test your config myself.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Follow-Ups:
- Re: rwm overlay
  - From: BÖSCH Christian <boesch@fhv.at>

References:
- rwm overlay
  - From: BÖSCH Christian <boesch@fhv.at>

Prev by Date: LMDB: successive fillups and drops break the DB after a while
Next by Date: Re: rwm overlay
Index(es):
- Chronological
- Thread