The first question is if you can do the rewrite at all. slapo-rwm comes to mind as a possibility here, although there may be other ways to do it (and slapo-rwm might not be appropriate in your situation).
The second question is restricting it to only happen to certain binddn. I imagine this would be at least somewhat dependent on the answer to the first part. For instance, if you end up with slapo-rwm, you could probably set some sort of binddn store/check (see "sophisticated example" in slapo-rwm(5) man page). If you get this working successfully, mailing back or FAQ-o-matic entry might be in order, because I don't think this is the first time this question has come up. I also want to insert some boilerplate here to the effect of "this sort of stuff is a slippery slope to violating standard schema/RFCs, be careful or at least mindful." On Tue, 19 Jul 2005, Digant C Kasundra wrote: > Hello everyone, > > Is there a way I can rename an attribute before its returned? I know > dynlist can do dynamic expansion and you can tell it to rename > attributes but how about on a per-bindDN basis? Is there a way I can > setup (perhaps where I have setup my access controls) something to say > binddn1 can see attr=displayName but call it cn when you show it to him? > > -- DK > > > -- > Digant C Kasundra > Enterprise Operations and Systems > Office of Information Technology > University of Texas at Arlington > Ph: 817-272-2208 > GnuPG Public Key: http://omega.uta.edu/~digant/digant.gpg.asc > > To request technical support, please contact our computing Help Desk at > 817-272-2208, e-mail [EMAIL PROTECTED] or create a work order at > https://eservices.uta.edu/oitforms/workorder.html >
