> I can see your point. However, since the problem is OpenLDAP's > insistence upon returning the canonical name, I thought it was more
In terms of OpenLDAP Software, back-meta, slapo-rwm, and back-relay all might provide functionality that you may find useful in this situation. You might want to look into those. Of course, making your server "workaround" with possible RFC violation is something that should not be taken lightly.
