I am running into an issue when trying to rewrite the bindDN where the function ldap_bv2dn is called before rewriting and rejecting certain dn values.
Specifically I am trying to bind using just the email address, in the form "[email protected]" however this gets flagged and returns -4, ldap decoding error. >>> dnPrettyNormal: <[email protected]> => ldap_bv2dn([email protected],0) ldap_err2string <= ldap_bv2dn([email protected])=-4 Decoding error bind: invalid dn ([email protected]) send_ldap_result: conn=0 op=0 p=3 send_ldap_result: err=34 matched="" text="invalid DN" Using an attribute form, "[email protected]" gets properly passed to the rewrite function and all works as expected. My question is whether there is any way around the validation that is performed before the rewrite beyond hacking the source code. Any help is appreciated. Thanks, Tod Schmidt
