"Vandenburgh, Steve Y" <[email protected]> writes:
> Thanks for the tip Quanah (and Dieter). I have added the MSUser > schema to the configuration. However, I'm still getting the same > behavior. If I use a bind DN like > > [email protected] > > which is potentially a valid DN, the rewriting is applied; however if > the bind DN is just the email address e.g. > > [email protected] > > then the OpenLDAP returns error 34 (invalid DN). So before I do more > troubleshooting, I wanted to ask if the rewrite rules can be applied > before the syntax check on the bind DN is done. If the OpenLDAP > server always performs the syntax check on the DN before any rewrite > rules are applied, then what I'm trying to accomplish (using a > Microsoft UPN bind DN) cannot be done. For this sort of DN rewriting slapd.conf(5) provides 'authid-rewrite' or 'olcAuthIdRewrite' in slapd-config(5). -Dieter -- Dieter Klünter | Systemberatung http://sys4.de GPG Key ID: E9ED159B 53°37'09,95"N 10°08'02,42"E
