I'm able to specify rwm bindDN rules without password-policy enabled
just fine, like this one:
rwm-rewriteContext bindDN
rwm-rewriteRule
"^([^=]+)=([^@]+)@olddomain.com(.+),dc=olddomain,dc=com$"
"$1=$2...@newdomain.com$3,dc=newdomain,dc=com" ":@"
However, when I enable password policy (which also works fine on its
own), slapd segfaults. From doing a backtrace and stepping through the
code, it looks like the crux of the issue is that the mdb_info struct
ends up with garbage data:
struct mdb_info *mdb = (struct mdb_info *) op->o_bd->be_private;
mi_dbenv_home and mi_monitor have random stuff in them.
I'm mulling over how much additional time to spend on this. rwm is a
very elegant solution to a current issue that could save me a bunch of
time to set up additional LDAP servers with the renamed data. If this is
an isolated bug for which a quick fix might be possible, I might
investigate further.
But if it's a thorny issue or just the tip of the iceberg of things
where rwm might break unexpectedly, then it may be better for me to
consider other options. OpenLDAP developers, what do your instincts say
on this?
Regards,
-Kartik