Maybe use acls with different ssf? This way you can keep your queries the same and extract full data on your own very secure connection?
-----Original Message----- To: openldap-technical@openldap.org Subject: anonymize data
Hi all,
I have a question anonymizing data. My openldap have some confidential data inside and I would like this : if a person has a flag confidentiality set to 1 (or is in a special ou), openldap will replace or answer a different data.
For example :
if we request "sn" on this record , it will reply "Smith"
dn: cn=Smith,ou=public,c=com confidentiality: 0 sn: Smith
if we request "sn" on this record , it will reply "XXX"
dn: cn=Bond,ou=public,c=com confidentiality: 1
sn: Bond
I'm not sur Openldap can offer this kind of functionnality. Thanks for your help !