Dear openldap experts,
Recently, we are trying to setup a Openldap proxy using translucent overlay. The proxy was configured successfully and we can read remote ldap contents through local proxy. Following the official instruction: https://www.openldap.org/doc/admin24/overlays.html?spm=5176.28103460.0.0.38f97d832DJg25#Translucent%20Proxy, we could see that for the basic attributes we fetched them from remote ldap server, whereas for the new attributes we fetched them from local mdb database. However, we met a special scenario that the instruction didn't mention, and we didn't know how to fulfill it : (1) Assuming there is a user stored in remote ldap server user.ldif dn:uid=user1,ou=People,dc=mydomain,dc=com uid:user1 cn:user1 objectClass:account objectClass:posixAccount objectClass:top objectClass:shadowAccount (2) We would like to add a new attribute in proxy (local mdb database) user_new.ldif dn:uid=user1,ou=People,dc=mydomain,dc=com changetype: modify add: objectClass objectClass: sambaSamAccount The difference was that: the objectClass consists of multiple lines, and account/posixAccount/top/shadowAccount was stored in remote, we just wanted to add a new lines for sambaSamAccount in local mdb. If I execute user_new.ldif then the user1 became that only contained objectClass: sambaSamAccount and account/posixAccount/top/shadowAccount was disappeared. Is there a way to fulfill that ? Thanks, Adrian Liu
