> Full_Name: Thomas Wunder > Version: 2.4.17 > OS: debian sqeueeze amd64 > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (141.13.106.69)
I don't see a clear evidence of a bug. Software usage questions must be directed to the openldap-software list. Moreover, I just tried your verbatim configuration with the most recent code (while you're using an older release), and it seems to work as expected. This ITS will be closed. p. > I'm currently using the rwm overlay to filter the objects from my > ou=students,dc=uni-bamberg,dc=de directory by their "o"-attribute and > project > the result to ou=students,ou=people,ou=swt,ou=wiai,dc=uni-bamberg,dc=de > Therefore I use the following section within my slapd.conf (before the > "database > hdb..." section): > > database relay > suffix > "ou=students,ou=people,ou=swt,ou=wiai,dc=uni-bamberg,dc=de" > overlay rwm > #rwm-rewriteEngine on > rwm-suffixmassage > "ou=students,ou=people,ou=swt,ou=wiai,dc=uni-bamberg,dc=de" > > "ou=students,dc=uni-bamberg,dc=de" > rwm-rewriteContext bindDN > rwm-rewriteRule ".*" "cn=ldapadmin,dc=uni-bamberg,dc=de" ":@" > rwm-rewriteContext searchFilter > rwm-rewriteRule "(.*)" "(&(o=swt)$1)" ":@I" > > searchFilter rewriting works perfectly but I also need to rewrite the > bindDN as > every operation within ou=students,dc=uni-bamberg,dc=de needs to be > carried out > by a particular user (cn=ldapadmin,dc=uni-bamberg,dc=de) > (the reason is that i don't want any user other than ldapadmin to be able > to > write ou=students,dc=uni-bamberg,dc=de but they should be able to modifiy > entries within ou=students,ou=people,ou=swt,ou=wiai,dc=uni-bamberg,dc=de) > according to the logs and the error reply messages there seems to be no > binndn > rewriting done... > It looks like the rule never matches. > Is my rule not general enough to match each possible bindDN-String? Is > "cn=ldapadmin,dc=uni-bamberg,dc=de" (replacement string for the bindDN) > not well > formatted (does it expect something else)? Does the overlay "relay" > prevent the > replacement of the bindDN? > > As you can see I don't have any idea what might be causing my problem and > I hope > you can help me. > > >
