[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: providing a default value for an attribute (w/ translucent proxy)

Dan Pritts wrote:
Hi all -

I've got a familiar story, I'm sure.

I have a campus-wide AD infrastructure that I'd like to leverage.

Unfortunately, my LDAP client (an Isilon NAS) requires some attributes that AD
doesn't populate.  e.g., homeDirectory.  As it turns out, the silly thing
doesn't even use these values, at least not for our use case.  But the entire
lookup fails if it doesn't get something back for those attributes.

I presumably can use a translucent proxy to set these attributes locally.  I
tested this successfully.

Ideally, though, instead of creating DNs for each person on the translucent
proxy server, I'd like to just have slapd fill in a default value for these
attributes when they are empty. I would also be happy with a method that just
overwrites the existing attribute, regardless of whether it exists.  Again,
for ALL DNs... I don't want to create each account individually in both places.

I thought maybe the rewrite overlay would allow this but it seems like I was
incorrect (please advise if it can be done).

I have poked around and found no other way to do this.  Am I missing something?

If the actual value doesn't matter, try using a collective attribute instead.

Dan Pritts
ICPSR Computing & Network Services
University of Michigan
+1 (734)615-7362

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/