[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Creating suffix aliases with OpenLDAP
- To: Ralf Mattes <r.mattes@mh-freiburg.de>
- Subject: Re: Creating suffix aliases with OpenLDAP
- From: Ryan Tandy <ryan@nardis.ca>
- Date: Thu, 15 Sep 2016 21:14:55 -0700
- Cc: openldap-technical@openldap.org
- Content-disposition: inline
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nardis.ca; s=google; h=date:from:to:cc:subject:message-id:mail-followup-to:references :mime-version:content-disposition:in-reply-to:user-agent; bh=7s/1M3ZbRNRKkVHi/1PmV0eFRPpldmtpq9ampjJK0J0=; b=icGG6rK6iY7QpePeERqetmCyK6Cvu5zOuC3TzHOveVWex6wo2YaeL+BICPePwQAnIn ZGawOEcYZ7Qw2KiRgV8zzG6EcMTpunLPynnjylQYoNIKgKbPVxhItPVKE0KHMY+ozioe 1On/evsQaG7bSqiExzFCViL8Qb8eSgPsxdJm8=
- In-reply-to: <6464-57db0680-58b-1df9f18@97945427>
- Mail-followup-to: Ralf Mattes <r.mattes@mh-freiburg.de>, openldap-technical@openldap.org
- References: <a02-57db0200-49-32017680@111163303> <6464-57db0680-58b-1df9f18@97945427>
- User-agent: Mutt/1.5.23 (2014-03-12)
On Thu, Sep 15, 2016 at 10:36:18PM +0200, Ralf Mattes wrote:
Am Donnerstag, 15. September 2016 22:19 CEST, "Ralf Mattes" <r.mattes@mh-freiburg.de> schrieb:
O.k. - I found the culprit (but not the solution).
Trying to configure a olcRelay attribut whose value is a DN containing one ore more
spaces will fail. I tried all sorts of escaping that value but nothing seems o work.
Is this a bug?
Some more info: using the same value as olcSuffix will generate the same error, so some
the olcSuffix value seems to be parsed different that olcRelay even so the are suppoed to have
the same syntax.
This is ITS#8284. Fixed in OpenLDAP 2.4.43.
The following config seems to work for me:
dn: olcDatabase={1}mdb,cn=config
objectClass: olcMdbConfig
olcSuffix: o=ACME Corp
olcDbDirectory: data
dn: olcDatabase={2}relay,cn=config
objectClass: olcRelayConfig
olcSuffix: o=Foobar Conglomerate
olcRelay: o=ACME Corp
dn: olcOverlay=rwm,olcDatabase={2}relay,cn=config
objectClass: olcRwmConfig
olcRwmRewrite: rwm-suffixmassage "o=ACME Corp"