Hi,

The OpenLDAP 2.4 documentation states:

"When using slapd.conf(5), overlays that are configured before any other
databases are considered global, as mentioned above. In fact they are
implicitly stacked on top of the frontend database. They can also be explicitly
configured as such:

database frontend
overlay <overlay name>"

I currently use slapo-rwm, defined as a global declaration in slapd.conf, to
provide bindDN rewrites to a remote LDAP server via slapo-ldap (LDAP proxy
database). Is it possible then, if I'm interpreting the documentation
correctly, to additionally stack a rewrite/remap overlay in each defined
database section? The objective would be to achieve database-specific rewrites
that are not applicable to all defined databases.

e.g.

database ldap
suffix "dc=abc,dc=local"
uri "ldap://172.11.250.200/"
overlay rwm
rwm-rewriteEngine on
rwm-rewriteContext searchEntryDN
rwm-rewriteRule "^cn=(.+)?\\\\2C(.+)?,ou=users,dc=abc,dc=local$"
    "cn=$1_$2,ou=users,dc=abc,dc=local" ":@"
[...etc.]

database ldap
suffix "dc=xyz,dc=local"
uri "ldap://172.11.250.201/"
overlay rwm
rwm-rewriteEngine on
rwm-rewriteContext searchEntryDN
rwm-rewriteRule <some other rewrite rule here>
[...etc.]

If this is possible, does the configuration allow one to define the overlay at
the "backend" level, so that it applies to all databases of the same type?
e.g.

backend ldap
overlay rwm
rwm-rewriteEngine on

database ldap
suffix "dc=abc,dc=local"
uri "ldap://172.11.250.200/"
rwm-rewriteContext searchEntryDN
rwm-rewriteRule "^cn=(.+)?\\\\2C(.+)?,ou=users,dc=abc,dc=local$"
    "cn=$1_$2,ou=users,dc=abc,dc=local" ":@"
[...etc.]

database ldap
suffix "dc=xyz,dc=local"
uri "ldap://172.11.250.201/"
rwm-rewriteContext searchEntryDN
rwm-rewriteRule <some other rewrite rule here>
[...etc.]

Thanks
Bryce Powell