
Re: rwm overlay



BÖSCH Christian wrote:
> I configured rwm overlay like the example in the man page to allow
> binds with the email address.
> 
> dn: olcOverlay={0}rwm,olcDatabase={-1}frontend,cn=config
> objectClass: olcOverlayConfig
> objectClass: olcRwmConfig
> olcOverlay: {0}rwm
> olcRwmRewrite: {0}rwm-rewriteEngine "on"
> olcRwmRewrite: {1}rwm-rewriteMap "ldap" "attr2dn" "ldap://localhost/dc=abcd,dc
>  =net?dn?sub"
> olcRwmRewrite: {2}rwm-rewriteContext "bindDN"
> olcRwmRewrite: {3}rwm-rewriteRule "^mail=[^,]+@[^,]+$" "${attr2dn($0)}" ":@I"
> olcRwmTFSupport: false
> olcRwmNormalizeMapped: FALSE
> 
> But I get the error message that the DN is invalid:
> 
> ldapsearch -x -D "cb@abcd.net" -W -b 'dc=abcd,dc=net' -H ldap://openldap1.abcd.net/ 'uid=cb' 
> Enter LDAP Password: 
> ldap_bind: Invalid DN syntax (34)
> 	additional info: invalid DN
> 
> Is there something missing or wrong?

You still have to use a (pseudo) DN when sending the simple bind request.

With your rewriting rule it should be "mail=cb@abcd.net".
I did not test your config myself.

Ciao, Michael.
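
The point made in the reply, as an added example that is not part of either message: a simplified Python model of which simple-bind names are rejected as invalid DNs and which ones the posted `bindDN` rewrite rule would match. The DN check is a rough stand-in for slapd's real syntax validation, the `attr2dn` lookup is not performed, and the sample names (including `ou=people`) are constructed.

```python
import re

# Pattern copied from the posted rwm-rewriteRule. slapo-rwm matches
# case-insensitively unless the 'C' flag is given, hence IGNORECASE.
BIND_RULE = re.compile(r"^mail=[^,]+@[^,]+$", re.IGNORECASE)

# Assumption: simplified DN check, unescaped "type=value" RDNs separated
# by commas only. Real DN validation (RFC 4514) is more involved.
RDN = re.compile(r"^[A-Za-z][A-Za-z0-9-]*=[^,=+]+$")


def is_dn_like(name: str) -> bool:
    """True for the empty (anonymous) name or a list of type=value RDNs."""
    return name == "" or all(RDN.match(p.strip()) for p in name.split(","))


def classify_bind_name(name: str) -> str:
    """Model the fate of a simple-bind name under the posted config."""
    if not is_dn_like(name):
        return "invalid DN (34)"           # rejected, the rule is never reached
    if BIND_RULE.match(name):
        return "rewritten via attr2dn"     # map lookup supplies the real DN
    return "passed through unchanged"      # valid DN, rule does not match


# Constructed sample bind names
SAMPLES = [
    "cb@abcd.net",                          # bare address from the question
    "mail=cb@abcd.net",                     # pseudo DN suggested in the reply
    "MAIL=cb@abcd.net",                     # same, different case
    "uid=cb,ou=people,dc=abcd,dc=net",      # ordinary DN
    "mail=cb@abcd.net,dc=abcd,dc=net",      # multi-RDN: "$" after [^,]+ fails
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s!r:40} -> {classify_bind_name(s)}")
```
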

