Re: slapo-rwm and rewriteRules

Wed, 14 May 2008 07:38:17 -0700 

Le mardi 13 mai 2008 à 20:57 +0200, Pierangelo Masarati a écrit :
> Raphaël 'SurcouF' Bordet wrote:
> 
> > Thanks for this tips, it's works fine.
> > 
> >> database        relay
> >> suffix          "o=Example,c=US"
> >> relay           "dc=example,dc=com"
> >> overlay         rwm
> >> rwm-rewriteEngine       on
> >> rwm-rewriteMap          ldap mail2uid
> >>                    "ldap://:9011/dc=example,dc=com?uid?sub";
> >> rwm-rewriteMap          ldap uid2mail
> >>                    "ldap://:9011/dc=example,dc=com?mail?sub";
> >>
> >> rwm-rewriteContext      default
> >> rwm-rewriteRule         "^(.+,)?(mail=[^,]+),o=Example,c=US$"
> >>                    "$1uid=${mail2uid($2)},dc=example,dc=com" ":@I"
> > 
> > Why this rule is needed ?
> > 
> >> rwm-rewriteRule         "^(.+,)?o=Example,c=US$"
> >>                    "$1dc=example,dc=com" ":@I"
> > 
> > This rule isn't needed when I'm using "massage" argument for "relay"
> > directive.
> 
> The "massage" directive automatically instantiates the equivalent of 
> this rule, and more.  I rather configure those rules manually to be able 
> to fine-grain control the order of execution of rules.
> 
> >> rwm-rewriteContext      searchEntryDN
> >> rwm-rewriteRule         "^(.+,)?(uid=[^,]+),dc=example,dc=com$"
> >>                    "$1mail=${uid2mail($2)},o=Example,c=US" ":@I"
> > 
> > This rule work fine. I've tried to do the same rule for departmentNumber
> > and departmentUID RDN change but slapd doesn't start if I set this
> > following rules : 
> > 
> > rwm-rewriteContext      searchEntryDN
> > rwm-rewriteRule             "^(.+,)?(uid=[^,]+),dc=example,dc=com$"
> >                     "$1mail={uid2mail($2)},o=Example,c=US" ":I"
> > rwm-rewriteRule             
> > "^(.+,)?(departmentUID=[^,]+),dmdName=[^,]+,dc=[a-zA-Z]+,dc=example,dc=com$"
> >                     
> > "$1departmentNumber={uid2number($2)},ou=services,o=Example,c=US$"
> > ":@I"
> 
> Did you define the uid2number map?

Yes I've theses following directives : 

rwm-rewriteMap          ldap number2uid
"ldap://:389/dc=example,dc=com?departmentUID?sub";
rwm-rewriteMap          ldap uid2number
"ldap://:389/dc=example,dc=com?departmentNumber?sub";

> >> rwm-rewriteRule         "^(.+,)?dc=example,dc=com$"
> >>                    "$1o=Example,c=US" ":@I"
> > 
> > This rule isn't needed when I'm using "massage" argument for "relay"
> > directive.
> 
> See above.
> 
> > Last question : can I modify returned attribute value using rwm ?
> 
> Only DN-valued attributes.  It (intentionally) doesn't work for other attrs.

Ok. It's easy to enable ?


-- 
Raphaël 'SurcouF' Bordet

Reply via email to