It was never intended to do that. Proxy Authorization allows users to login with their own password, and obtain the authorization of another user. Note that authz-regexp only takes effect when Proxy Authorization is being performed. I don't believe it is legal to use the Proxy Authorization control with Bind requests, although I agree that it could be useful. Pretty sure we debated this a while back.authz-regexp (OpenLDAP 2.3) seems to only work for SASL. I note it was called sasl-regexp before. Will it be changed to work for Simple Bind? Its manpage section says it should work in general, though it mostly talks about SASL. E.g. authz-regexp "^.*" "uid=hbf,cn=people,dc=uio,dc=no" does not let anyone log in with my password and access:-)
-- -- Howard Chu Chief Architect, Symas Corp. Director, Highland Sun http://www.symas.com http://highlandsun.com/hyc Symas: Premier OpenSource Development and Support