I'm able to specify rwm bindDN rules without password-policy enabled just fine, like this one:
rwm-rewriteContext bindDN rwm-rewriteRule "^([^=]+)=([^@]+)@olddomain.com(.+),dc=olddomain,dc=com$" "$1=$2@newdomain.com$3,dc=newdomain,dc=com" ":@"
However, when I enable password policy (which also works fine on its own), slapd segfaults. From doing a backtrace and stepping through the code, it looks like the crux of the issue is that the mdb_info struct ends up with garbage data:
struct mdb_info *mdb = (struct mdb_info *) op->o_bd->be_private;
mi_dbenv_home and mi_monitor have random stuff in them.
I'm mulling over how much additional time to spend on this. rwm is a very elegant solution to a current issue that could save me a bunch of time to set up additional LDAP servers with the renamed data. If this is an isolated bug for which a quick fix might be possible, I might investigate further.
But if it's a thorny issue or just the tip of the iceberg of things where rwm might break unexpectedly, then it may be better for me to consider other options. OpenLDAP developers, what do your instincts say on this?
Regards,
-Kartik