https://bugs.openldap.org/show_bug.cgi?id=9657
--- Comment #5 from Ondřej Kuzník <[email protected]> --- On Mon, Aug 30, 2021 at 04:49:56PM +0000, [email protected] wrote: > and the whole purpose of olcAuthzRegexp is to rewrite the username. > >> SASL has to find the user's entry > Simple bind does not have to find the user’s entry? I would note that the purpose of olcAuthzRegexp is to locate the right identity (entry), not just do username rewriting. If that entry belongs to a database with configured ACLs, those apply to give the admin a chance to control this part of the authentication+authorization process. If you want to improve the existing documentation, please help review ITS#9256 which, sadly, has been on hold for a while. And maybe propose tweaks/additions to the admin guide, that would be much appreciated. Thanks, -- You are receiving this mail because: You are on the CC list for the issue.
