rwm + cn=config
- To: openldap-technical@openldap.org
- Subject: rwm + cn=config
- From: Frava <fravadona@gmail.com>
- Date: Thu, 22 Sep 2011 11:17:51 +0200
Hello,
I use the rwm overlay to forward the authentication of some users to the general LDAP replicas of my corp.
Part of slapd.conf:
###########################
...
overlay rwm
rwm-rewriteEngine on
rwm-rewriteContext bindDN
rwm-rewriteMap ldap mysearch "ldap://ldap.example.com:389/ou=users,dc=example,dc=com?dn?sub"
rwm-rewriteRule "^uid=([^,]+),ou=people,dc=[^,]+,dc=example,dc=com$" "${mysearch((&(objectClass=posixAccount)(uid=$1)))}" ":@I"
database ldap
suffix "ou=users,dc=example,dc=com"
uri "ldap://ldap.example.com:389/"
restrict read write extended
database bdb
suffix "dc=example,dc=com"
rootdn "cn=admin,dc=example,dc=com"
rootpw mypassword
directory /var/db/openldap-data/mydb
...
############################
Now that I have converted the 'slapd.conf' to 'cn=config' with slaptest, the remote authentication has stopped working;
and looking at cn=config, all the rules are there...
Any ideas?
Rafael NAVAZA.