masarati(a)aero.polimi.it wrote:
> By the way, I'm beginning to look at converting back-meta to
dynamic
> config.
> Did you ever make any start at this?
No, please go ahead. I'm sorry the need to use nested entries is too
complex for me to deal with based on my current (lack of) time.
OK. The basic framework is in place now, Add and Emit appear to work. I
haven't done Delete yet. If you have any suggestions for sanity-checking the
current code, that would be helpful. Much of it is copy/pasted from slapd-ldap
and slapo-rwm.
I see a few puzzling inconsistencies, like the existence of acl-passwd and
acl-authcDN keywords that don't actually have any functional code behind them.
I would guess they should have been replaced with acl-bind but there's no
implementation of that anywhere either.
Also wondering if the idassert-passthru from back-ldap ought to be added here.
The manpage is quite out of date, it still says to look at slapd-ldap(5) for
the mapping/rewrite docs, but that text was dropped and moved to slapo-rwm(5).
--
-- Howard Chu
CTO, Symas Corp.
http://www.symas.com
Director, Highland Sun
http://highlandsun.com/hyc/
Chief Architect, OpenLDAP
http://www.openldap.org/project/