> On 25 Nov 2015, at 13:53 , Michael Ströder <michael@stroeder.com> wrote:
>
> BÖSCH Christian wrote:
>> I configured rwm overlay like the example in the man page to allow
>> binds with the email address.
>>
>> dn: olcOverlay={0}rwm,olcDatabase={-1}frontend,cn=config
>> objectClass: olcOverlayConfig
>> objectClass: olcRwmConfig
>> olcOverlay: {0}rwm
>> olcRwmRewrite: {0}rwm-rewriteEngine "on"
>> olcRwmRewrite: {1}rwm-rewriteMap "ldap" "attr2dn" "ldap://localhost/dc=abcd,dc
>>  =net?dn?sub"
>> olcRwmRewrite: {2}rwm-rewriteContext "bindDN"
>> olcRwmRewrite: {3}rwm-rewriteRule "^mail=[^,]+@[^,]+$" "${attr2dn($0)}" ":@I"
>> olcRwmTFSupport: false
>> olcRwmNormalizeMapped: FALSE
>>
>> But I get the error message that the DN is invalid:
>>
>> ldapsearch -x -D "cb@abcd.net" -W -b 'dc=abcd,dc=net' -H ldap://openldap1.abcd.net/ 'uid=cb'
>> Enter LDAP Password:
>> ldap_bind: Invalid DN syntax (34)
>> additional info: invalid DN
>>
>> Is there something missing or wrong?
>
> You still have to use a (pseudo) DN when sending the simple bind request.
>
> With your rewriting rule it should be "mail=cb@abcd.net".

ok, that’s it. thank you!

chris

> I did not test your config myself.
>
> Ciao, Michael.
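The point made in the thread, as an added example that is not part of the original messages: a Python sketch of a client-side helper that turns an e-mail address into the pseudo-DN bind name and checks it against the posted rewrite rule before it is sent. The function names are hypothetical, the regex is the one from the `rwm-rewriteRule` line, and rejecting (rather than escaping) DN special characters is a conservative assumption of this sketch.

```python
import re

# Pattern copied from the rwm-rewriteRule in the thread. slapo-rwm matches
# case-insensitively unless the "C" flag is given, hence IGNORECASE.
BIND_RULE = re.compile(r"^mail=[^,]+@[^,]+$", re.IGNORECASE)
# Attribute type: short name (descr) or dotted numeric OID.
ATTR_TYPE = re.compile(r"^(?:[A-Za-z][A-Za-z0-9-]*|\d+(?:\.\d+)*)$")
# Characters that RFC 4514 requires to be escaped inside an attribute value.
DN_SPECIALS = set('",+;<>\\\x00')

def split_unescaped(s, sep):
    """Split s on sep, ignoring separators escaped with a backslash."""
    parts, cur, i = [], "", 0
    while i < len(s):
        if s[i] == "\\" and i + 1 < len(s):
            cur += s[i:i + 2]
            i += 2
            continue
        if s[i] == sep:
            parts.append(cur)
            cur = ""
        else:
            cur += s[i]
        i += 1
    return parts + [cur]

def looks_like_dn(name):
    """Rough DN shape check: every RDN component must be type=value."""
    if name == "":
        return True  # the empty DN is valid (anonymous bind)
    for rdn in split_unescaped(name, ","):
        for ava in split_unescaped(rdn, "+"):
            attr, eq, _value = ava.partition("=")
            if not eq or not ATTR_TYPE.match(attr.strip()):
                return False
    return True

def bind_name_for(email):
    """Build the pseudo-DN to use with -D for the rule posted in the thread."""
    email = email.strip()
    if any(c in DN_SPECIALS for c in email) or email.startswith("#"):
        raise ValueError("address contains DN special characters")
    name = "mail=" + email
    if not BIND_RULE.match(name):
        raise ValueError("name would not match the bindDN rewrite rule")
    return name

if __name__ == "__main__":
    print(looks_like_dn("cb@abcd.net"))   # bare address: not DN-shaped
    print(bind_name_for("cb@abcd.net"))   # value to pass to ldapsearch -D
```

Addresses with plus-tags are rejected by this sketch because `+` separates values in a multi-valued RDN; a deployment that needs them would have to escape the value and confirm the escaped form still resolves through the map.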