Thanks for the tip Quanah (and Dieter). I have added the MSUser schema to the configuration. However, I'm still getting the same behavior. If I use a bind DN like [email protected] which is potentially a valid DN, the rewriting is applied; however if the bind DN is just the email address e.g. [email protected] then the OpenLDAP returns error 34 (invalid DN).

So before I do more troubleshooting, I wanted to ask if the rewrite rules can be applied before the syntax check on the bind DN is done. If the OpenLDAP server always performs the syntax check on the DN before any rewrite rules are applied, then what I'm trying to accomplish (using a Microsoft UPN bind DN) cannot be done.

Thanks again,

Steve Vandenburgh
LDAP Directory Services/Identity Management
CenturyLink
(720)738-2688

-----Original Message-----
From: openldap-technical <[email protected]> On Behalf Of Quanah Gibson-Mount
Sent: Saturday, October 26, 2019 1:57 PM
To: Dieter Klünter <[email protected]>; [email protected]
Subject: Re: Question about OpenLDAP and rwm overlay

--On Saturday, October 26, 2019 9:27 PM +0200 Dieter Klünter <[email protected]> wrote:

> [...]
> slapd requires part of AD schemas in order to operate back-ldap
> properly. Thus write a private schema, providing required attribute
> types and object classes.

The MSUser schema in OpenLDAP master may be useful for this.

--Quanah

--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<https://imss91-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=http%3a%2f%2fwww.symas.com&umid=AE42BD9E-95D5-B405-A685-740CAF9B7769&auth=19120be9529b25014b618505cb01789c5433dae7-ad787404dd2d33e665cc543b477f7fd3a84aba08>
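An added example, not from the thread or from OpenLDAP's code: a simplified structural check, following the RFC 4514 string form of a DN, that shows why a name shaped like `attr=user@domain` parses as a DN while a bare `user@domain` does not. The sample names are constructed, and the check only approximates a server's own DN validation.

```python
import re

# attributeType is a short name or a dotted numeric OID (RFC 4512 / RFC 4514).
ATTR_TYPE = re.compile(r"(?:[A-Za-z][A-Za-z0-9-]*|\d+(?:\.\d+)+)\Z")
# Rough shape of a UPN-style name (assumption): local part, "@", dotted domain.
UPN_LIKE = re.compile(r"[^@=,\s]+@[^@=,\s]+\.[^@=,\s]+\Z")

# Constructed sample bind names, for illustration only.
SAMPLES = ["uid=jdoe@example.com", "jdoe@example.com",
           "cn=Doe\\, John,ou=People,dc=example,dc=com", "not a dn"]


def split_unescaped(text, sep):
    """Split on sep, skipping separators escaped with a backslash."""
    parts, current, i = [], [], 0
    while i < len(text):
        if text[i] == "\\" and i + 1 < len(text):
            current.append(text[i:i + 2])  # keep the escape pair together
            i += 2
            continue
        if text[i] == sep:
            parts.append("".join(current))
            current = []
        else:
            current.append(text[i])
        i += 1
    parts.append("".join(current))
    return parts


def looks_like_dn(name):
    """True if every RDN is one or more type=value pairs (structure only)."""
    if name == "":
        return True  # the empty DN is syntactically valid
    for rdn in split_unescaped(name, ","):
        for ava in split_unescaped(rdn, "+"):
            attr, eq, _value = ava.partition("=")
            if not eq or not ATTR_TYPE.match(attr.strip()):
                return False
    return True


def classify_bind_name(name):
    """Return 'dn', 'upn' or 'invalid' for a bind name."""
    if looks_like_dn(name):
        return "dn"
    return "upn" if UPN_LIKE.match(name) else "invalid"
```

A client-side helper could use `classify_bind_name` to spot UPN-style names before they are sent as a bind DN.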
