Re: Limiting results of search through back-meta

["Pierangelo Masarati" <ando@sys-net.it>]

> On Tue Jan 10 2006 at 17:47:37 CET, Pierangelo Masarati wrote:
>
>> > I have a back-meta set up on an OpenLDAP 2.3.11 to retrieve a tree
>> > (ou=People) from an OpenLDAP server inside a DMZ. There are a number
>> of
>> > entries which should not be returned if they contain an attribute type
>> > with a certain value. In escence the search filter would contain
>> > "(!(expiredDate=*))".
>> >
>> > The URI directive of back-meta doesn't appear to allow a filter
>> > specification. Is there any way I could accomplish this, perhaps
>> > with slapo-rwm, and could some kind soul give me an example?
>>
>> try
>>
>> access to filter="(expiredDate=*)"
>>         by * none
>>
>
> Thank you for the answer (I'm ashamed of my ignorance), but it doesn't
> work
> if the LDAP client asks for specific attribute types. An `ldapsearch ...
> cn uid mail'
> gets through.

Good point.  In that case, I think the most appropriate solution would be
that highlighted in ITS#3711 (may apply to back-ldap as well):

<http://www.openldap.org/its/index.cgi?findid=3711>

patches are welcome.

p.



Ing. Pierangelo Masarati
Responsabile Open Solution
OpenLDAP Core Team

SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office:   +39.02.23998309          
Mobile:   +39.333.4963172
Email:    pierangelo.masarati@sys-net.it
------------------------------------------