BÖSCH Christian wrote:
> I configured rwm overlay like the example in the man page to allow
> binds with the email address.
>
> dn: olcOverlay={0}rwm,olcDatabase={-1}frontend,cn=config
> objectClass: olcOverlayConfig
> objectClass: olcRwmConfig
> olcOverlay: {0}rwm
> olcRwmRewrite: {0}rwm-rewriteEngine "on"
> olcRwmRewrite: {1}rwm-rewriteMap "ldap" "attr2dn" "ldap://localhost/dc=abcd,dc
>  =net?dn?sub"
> olcRwmRewrite: {2}rwm-rewriteContext "bindDN"
> olcRwmRewrite: {3}rwm-rewriteRule "^mail=[^,]+@[^,]+$" "${attr2dn($0)}" ":@I"
> olcRwmTFSupport: false
> olcRwmNormalizeMapped: FALSE
>
> But I get the error message that the DN is invalid:
>
> ldapsearch -x -D "cb@abcd.net" -W -b 'dc=abcd,dc=net' -H ldap://openldap1.abcd.net/ 'uid=cb'
> Enter LDAP Password:
> ldap_bind: Invalid DN syntax (34)
>         additional info: invalid DN
>
> Is there something missing or wrong?

You still have to use a (pseudo) DN when sending the simple bind request.
With your rewriting rule it should be "mail=cb@abcd.net".

I did not test your config myself.

Ciao, Michael.
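
The behaviour discussed in this thread, as an added Python model that is not part of the original messages and not OpenLDAP code: the bind name must already have DN shape before the quoted `bindDN` rule can match and hand it to the `attr2dn` map. It assumes the server checks DN syntax before the overlay rewrites, as the error and the reply indicate; the DN check is a simplified shape test, and the directory entry and `resolve_bind_dn` are constructed for illustration.

```python
import re

# Rule from the quoted config (rwm matching is case-insensitive unless 'C' is set):
#   rwm-rewriteRule "^mail=[^,]+@[^,]+$" "${attr2dn($0)}" ":@I"
BIND_RULE = re.compile(r"^mail=[^,]+@[^,]+$", re.IGNORECASE)

# Simplified DN shape check (assumption: not a full RFC 4514 parser):
# comma-separated RDNs of the form attributeType=value.
RDN = r"[A-Za-z][A-Za-z0-9-]*=(?:[^,\\]|\\.)+"
DN_SHAPE = re.compile(rf"^{RDN}(?:,{RDN})*$")

# Constructed stand-in for the "attr2dn" map
# (ldap://localhost/dc=abcd,dc=net?dn?sub): filter string -> entry DN.
DIRECTORY = {"mail=cb@abcd.net": "uid=cb,dc=abcd,dc=net"}  # constructed entry


def resolve_bind_dn(bind_dn, directory=DIRECTORY):
    """Return (outcome, dn) for the name sent in a simple bind request."""
    # Step 1: syntax check. A bare e-mail address has no attr=value
    # part, so it is rejected before any rewrite rule is consulted.
    if bind_dn and not DN_SHAPE.match(bind_dn):
        return ("invalid DN syntax (34)", None)

    # Step 2: bindDN rewrite context. Only a pseudo DN "mail=user@domain"
    # matches; $0 (the whole match) is passed to the map as the filter.
    if BIND_RULE.match(bind_dn):
        target = directory.get(bind_dn.lower())
        if target is not None:
            return ("rewritten", target)
        # 'I' flag: a map error is treated as a missed match,
        # so the DN goes on unchanged.

    # Step 3: real DNs and the anonymous (empty) DN pass through as sent.
    return ("unchanged", bind_dn)


if __name__ == "__main__":
    for name in ("cb@abcd.net", "mail=cb@abcd.net", "uid=cb,dc=abcd,dc=net"):
        print(f"{name!r:28} -> {resolve_bind_dn(name)}")
```
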