RHEL 8
OpenLDAP 2.6.4
 
I am trying to use OpenLDAP as a proxy to AD, and most of my configuration seems to be working as expected, but when I try to use the rwm-suffixmassage option, an LDAP search against the server returns the following error:
 
No such object (32)
 
If I remove the rwm-suffixmassage option then I am returned the expected entry.
 
 
Relevant config snippet:
suffix          "dc=subdomain,dc=domain,dc=tld"
uri             "ldaps://dc1.subdomain.domain.tld/ ldaps://dc2.subdomain.domain.tld/"
 
chase-referrals no
 
idassert-bind bindmethod=simple
   binddn="cn=user,ou=OU,dc=subdomain,dc=domain,dc=tld"
   credentials="secret"
   mode=self
   tls_reqcert=demand
   tls_cacert=cert.file
   flags=non-prescriptive
 
overlay rwm
rwm-suffixmassage   "dc=subdomain,dc=domain,dc=tld" "dc=domain,dc=tld"
 
 
Any help would be appreciated.
 
Thank you,
 
SS
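
Added example, not part of the original post and not OpenLDAP code: a simplified Python model of the suffix rewrite that slapo-rwm(5) documents for rwm-suffixmassage (virtual to real naming context on request DNs, real to virtual on returned DNs), applied to the two suffixes from the posted configuration to show which search base the remote server receives. The function names and the sample search bases are assumptions made for illustration.

```python
# Added illustration: models the DN suffix rewrite that slapo-rwm(5) documents
# for rwm-suffixmassage. Simplified model, not OpenLDAP code.

def split_rdns(dn):
    """Split a DN into normalized RDNs (simple DNs only: no escaped commas)."""
    return [rdn.strip().lower() for rdn in dn.split(",") if rdn.strip()]

def massage(dn, from_suffix, to_suffix):
    """Replace from_suffix with to_suffix when it matches on an RDN boundary.
    Returns None when dn is not under from_suffix."""
    rdns = split_rdns(dn)
    old = split_rdns(from_suffix)
    new = split_rdns(to_suffix)
    if len(rdns) < len(old) or rdns[len(rdns) - len(old):] != old:
        return None
    return ",".join(rdns[:len(rdns) - len(old)] + new)

# Values taken from the posted configuration.
VIRTUAL = "dc=subdomain,dc=domain,dc=tld"   # first argument of rwm-suffixmassage
REAL = "dc=domain,dc=tld"                   # second argument

def to_remote(client_dn):
    """Request direction (searchDN, bindDN, ...): virtual -> real."""
    return massage(client_dn, VIRTUAL, REAL)

def to_client(remote_dn):
    """Response direction (searchEntryDN, matchedDN, ...): real -> virtual."""
    return massage(remote_dn, REAL, VIRTUAL)

if __name__ == "__main__":
    # Constructed sample search bases; "ou=OU" is taken from the posted binddn.
    for base in (VIRTUAL, "ou=OU," + VIRTUAL, "dc=other,dc=tld"):
        print(f"client base {base!r} -> forwarded base {to_remote(base)!r}")
```

Comparing the forwarded base with a direct `ldapsearch -b` against the remote server shows whether the rewritten base exists there.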