Hello,
I am trying to setup a ldap backend which is a filtered view of another larger parent directory, with respect to exposing fewer object classes and attributes.
The intent is to present a simpler view of the larger directory, and the config below works, except for when i uncomment the line containing "rwm-map attribute *", to hide the attributes i do not want visible, but after that it stops returning any entries at all for any query. So may be there is some important openldap attribute i am nuking ?
I'd appreciate any opinions / feedback on the config below, and if people have used rwm-map sucessfully ?
The docs on the ldap/meta/etc., backends are somewhat sparse to say the least, but i believe the below should in theory work.
Cheers Brett
The structure of the parent directory is :
c=AU o=My Org 1 ou=My Unit 1 o=My Org 2 ou=My Unit 2
Config is :
database ldap suffix "c=AU" uri "ldap://<parent ip>:<parent port>/" overlay rwm lastmod off
# attribute maps (ok except for final "rwm-map attribute *" map) rwm-map attribute cn * rwm-map attribute sn * rwm-map attribute mail * rwm-map attribute c * rwm-map attribute o * rwm-map attribute ou *
# does not like this, it stops any entries being returned #rwm-map attribute *
# objectclass maps (ok) rwm-map objectclass top * rwm-map objectclass country * rwm-map objectclass organization * rwm-map objectclass organizationalRole * rwm-map objectclass organizationalPerson * rwm-map objectclass organizationalUnit * rwm-map objectclass *