Hello,
OpenLDAP v2.3.42
I have found that using "overlay rwm" along with "database meta", where "database meta" refers to a Windows Active Directory server, causes OpenLDAP to crash with the following error:
-- client sends --
ldapsearch -x -W -D "cn=ef87,dc=ad,dc=company,dc=com" -b "ou=users,dc=ad,dc=company,dc=com"
-- server crashes -- ... PROXIED attributeDescription "MSEXCHMAILBOXGUID" inserted. ber_scanf fmt ([W]) ber: ber_scanf fmt ({m) ber: slapd: attr.c:141: attr_dup: Assertion `j == i' failed.
# slapd.conf ... overlay rwm
database meta suffix "dc=ad,dc=company,dc=com" uri "ldap://dc.example.com/dc=ad,dc=company,dc=com suffixmassage "dc=ad,dc=company,dc=com" dc=ad,dc=example,dc=com"
idassert-bind bindmethod="simple" binddn="cn=ProxyUser,dc=ad,dc=example,dc=com" credentials="secret" mode="self"
map objectclass posixaccount user map objectclass posixgroup group map attribute uid samaccountname map attribute uniquemember member map attribute mail userPrincipalName map attribute maillocaladdress proxyaddresses #map attribute * ...
The error can be avoided by either 1.) removing the "overlay rwm" from slapd.conf, 2.) move "overlay rwm" below a second database definition, 3.) use "map attribute" in the "database meta" section to select only certain attributes.
I would certainly like the two to work together in order to perform rewrites at a global level (and not have to configure my slapd.conf to work around a server crash).
Thanks, ef