Wilhelm Meier <[EMAIL PROTECTED]> writes: > Hi, > > I think this is a relative simple question but I did not use the > meta/ldap-backend before. > > We have an openldap-server for user authentification. The user bind as > > uid=<user>,ou=Benutzer,dc=kmux,dc=de > > where <user> is the actual username. > > We have a diffent application where only users of a special > posixGroup "Archiv" should be valid. The application is not capable > of doing some sort of filtering. > > So, I thought it must be passoble to do this filtering with the meta > or ldap-backup using the original ldap-db: > > the filter should look like: > > (&(cn=Archiv)(memberUid=<user>)(objectClass=posixGroup)) > > where <user> is the username as above.
You don't provide an example of the applications searchstring, so only as a general hint, the rewrite engine of back-ldap, back-meta or back-relay might meet your requirements, man slapo-rwm(5), man slapd-meta(5), slapd-relay(5) provide some information. -Dieter -- Dieter Klünter | Systemberatung http://www.dpunkt.de/buecher/2104.html GPG Key ID:8EF7B6C6 53°08'09,95"N 10°08'02,42"E