Hi,
We are using OpenLDAP as a frontend proxy for another LDAP server on the backend. On the backend server, "displayname" attribute is not populated but cn is populated. We like to fake out a virtual "displayname" attribute on the frontend proxy OpenLDAP server, and the value of that attribute needs to come from "cn" attribute.
Is there a way to do this? Any help is highly appricated.
Thanks, Michael
Liu, Michael wrote:
Hi,
We are using OpenLDAP as a frontend proxy for another LDAP server on the backend. On the backend server, "displayname" attribute is not populated but cn is populated. We like to fake out a virtual "displayname" attribute on the frontend proxy OpenLDAP server, and the value of that attribute needs to come from "cn" attribute.
Is there a way to do this? Any help is highly appricated.
Yes. Read slapo-rwm(5) and use attribute mapping.
On Sat, Oct 3, 2009 at 3:20 AM, Liu, Michael michael_liu@harvard.edu wrote:
Hi,
We are using OpenLDAP as a frontend proxy for another LDAP server on the backend. On the backend server, "displayname" attribute is not populated but cn is populated. We like to fake out a virtual "displayname" attribute on the frontend proxy OpenLDAP server, and the value of that attribute needs to come from "cn" attribute.
Is there a way to do this? Any help is highly appricated.
Can i clarify what you are asking, as i might have a similar problem.
Multiple cn attributes are allowed in the standard(s), but it is now preferable to havie one displayName attribute value which, in the case of multiple cn's is better than choosing an arbitrary cn attribute at random.
Is your question, can the singular value of displayName be chosen automatically from the dn, rather than be explicitly stated, or copied from another attribute (ie. you have an existing database which has no displayName attribute, generally ?
Cheers Brett
In my case, I have an existing backend database that has no displayName attribute populated. I'd like to copy value from one of the cn attribute.
Michael
-----Original Message----- From: openldap-software-bounces+michael_liu=harvard.edu@OpenLDAP.org [mailto:openldap-software-bounces+michael_liu=harvard.edu@OpenLDAP.org] On Behalf Of Brett @Google Sent: Friday, October 02, 2009 9:55 PM To: Liu, Michael Cc: openldap-software@openldap.org Subject: Re: virtual attribute
On Sat, Oct 3, 2009 at 3:20 AM, Liu, Michael michael_liu@harvard.edu wrote:
Hi,
We are using OpenLDAP as a frontend proxy for another LDAP server on the backend. On the backend server, "displayname" attribute is not populated but cn is populated. We like to fake out a virtual
"displayname"
attribute on the frontend proxy OpenLDAP server, and the value of that
attribute needs to come from "cn" attribute.
Is there a way to do this? Any help is highly appricated.
Can i clarify what you are asking, as i might have a similar problem.
Multiple cn attributes are allowed in the standard(s), but it is now preferable to havie one displayName attribute value which, in the case of multiple cn's is better than choosing an arbitrary cn attribute at random.
Is your question, can the singular value of displayName be chosen automatically from the dn, rather than be explicitly stated, or copied from another attribute (ie. you have an existing database which has no displayName attribute, generally ?
Cheers Brett
openldap-software@openldap.org
-
Brett @Google -
Howard Chu -
Liu, Michael