https://bugs.openldap.org/show_bug.cgi?id=9594

--- Comment #3 from Howard Chu ---
(In reply to Karl O. Pinc from comment #2)

> You cannot make arbitrary mappings to DNs.  As a trivial
> example, you can't write an identity transformation:
> 
> olcAuthzRegexp "UID=([^,]*),CN=.*" "dn:$1"
> 
> The escaping prevents the generation of a valid DN.

The UID value must be a valid SASL userID. So again, "what is valid" is
specific to the SASL mechanism in use, but there are no SASL mechanisms
that use DNs as userIDs. So the above example is never valid.

> And you can't generate one or more "attr=value" components of a DN:
> 
> olcAuthzRegexp "UID=([^,]*),CN=.*" "dn:$1,OU=Accounts,DC=example,DC=com"

Same applies here.
