So, I've been playing with slapo-relay and slapd-rwm to try and make it so that I can meet the expectations of different email clients that query my directory. This has led to a few questions:
(1) If your root is "dc=example,dc=com", and the entries you are interested in rewriting are in "cn=people,dc=example,dc=com" and the suffix you want to use virtually is "cn=outlook,dc=example,dc=com", how do you configure this? My attempts at doing this gave me the following error:
<suffix> namingContext "cn=outlook,dc=example,dc=com" already served by a preceding hdb database serving namingContext "dc=example,dc=com"
I understand quite well that "cn=outlook,dc=example,dc=com" is served by dc=stanford,dc=edu, and so what? It doesn't actually exist in that database, and I want to make it appear to exist.
(2) How do you get it to map the entry DN results to the new base? With "cn=people,dc=stanford,dc=edu" being mapped to "cn=outlook,dc=example,dc=com", the entries DNs returned all show "cn=people,dc=stanford,dc=edu" instead of "cn=outlook,dc=example,dc=com":
ldapsearch -LLL -x -h ldap-dev1 -b "cn=outlook,dc=example,dc=com" "cn=quanah*" dn: suRegID=85e49978f61311d2ae662436000baa77,cn=people,dc=stanford,dc=edu
(3) How do you map attributes to attribute names that don't exist in your schema? Since this is really about what gets displayed back to the client, I don't see why there is a requirement that the mapped-to attribute name must exist in your schema.
For example:
map attribute displayName mail
works but
map attribute displayName display-name
--Quanah
-- Quanah Gibson-Mount Principal Software Developer ITS/Shared Application Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html