My goal is to configure OpenLDAP as a proxy to provide e-mail
addresses to the public (via anonymous simple binds) using an LDAP
back-end which requires authenticated simple binds.
Public access to this server will be anonymous only and read-only. All
non-anonymous bind attempts are transformed to anonymous using
authz-regexp ".+" "dn:".
However, I need all binds to the back-end LDAP service to use a
specific account. I've looked at the docs and the list archives for
information related to "idassert-bind" but I'm not understanding it
well enough.
I tried this ...

    idassert-authzFrom "dn:*"
    idassert-bind bindmethod="simple"
                  binddn="cn=info,o=org"
                  credentials="password"

but that does not seem to be working for me. I'm getting anonymous
binds on the back-end. Is it possible to do what I'm asking? If so,
what am I doing wrong?
Thanks,
Yancey