> On 25 Nov 2015, at 13:53 , Michael Ströder <michael@stroeder.com> wrote:
>
> BÖSCH Christian wrote:
>> I configured rwm overlay like the example in the man page to allow
>> binds with the email address.
>>
>> dn: olcOverlay={0}rwm,olcDatabase={-1}frontend,cn=config
>> objectClass: olcOverlayConfig
>> objectClass: olcRwmConfig
>> olcOverlay: {0}rwm
>> olcRwmRewrite: {0}rwm-rewriteEngine "on"
>> olcRwmRewrite: {1}rwm-rewriteMap "ldap" "attr2dn" "ldap://localhost/dc=abcd,dc
>> =net?dn?sub"
>> olcRwmRewrite: {2}rwm-rewriteContext "bindDN"
>> olcRwmRewrite: {3}rwm-rewriteRule "^mail=[^,]+@[^,]+$" "${attr2dn($0)}" ":@I"
>> olcRwmTFSupport: false
>> olcRwmNormalizeMapped: FALSE
>>
>> But I get the error message the the DN is invalid:
>>
>> ldapsearch -x -D "cb@abcd.net" -W -b 'dc=abcd,dc=net' -H ldap://openldap1.abcd.net/ 'uid=cb'
>> Enter LDAP Password:
>> ldap_bind: Invalid DN syntax (34)
>> additional info: invalid DN
>>
>> Is there something missing or wrong?
>
> You still have to use a (pseudo) DN when sending the simple bind request.
>
> With your rewriting rule it should be "mail=cb@abcd.net”.
ok, that’s it.
thank you!
chris
> I did not test your config myself.
>
> Ciao, Michael.
>
>
Attachment:
smime.p7s
Description: S/MIME cryptographic signature