On the other side, what do you mean with "define a module that registers
a dummy matching rule with that OID" ?
Is this a module like back_meta, rwn and friends ? Do you have any
pointer like a dummy module to show where to begin ?
As you see, I'm pretty much at the beginning of the learning curve and I
am very happy to get your help.
Regards,
Charles
ok, it did cost me a lot of brain power, but I do have a workaround. I
mention it here because I'm quite sure someone else will hit the same
problem one day.
1. the recursive search filter passed to the proxy should use a filter
supported by the proxy, eg
filter='(RecursiveMemberOf=cn=ls-msp-app2,OU=App,DC=extra,DC=proxy,DC=stuff,DC=ch)'
2. the proxy gasp it, accept it, and pass it to the rewrite module
3. use a rewrite rule to massage the filter:
rewriteRule
"RecursiveMemberOf=cn=(.*),dc=extra,dc=proxy,dc=stuff,dc=ch"
"memberOf:1.2.840.113556.1.4.1941:=cn=%1,dc=ad,dc=stuff,dc=ch"
":"
back_meta then pass the rewritten filter to the back-end AD.