Thanks but that not what I wish to do.
In fact, I would like to have different behaviors depending on who is querying OR what is inside the data
Example :
The record is :
dn: cn=Smith,ou=public,c=com
confidentiality: 1
sn: Smith
if mister_privilege request "sn" on this record , it will reply 'Smith'
if mister_no_privilege request "sn" on this record , it will reply 'xxx'
Can we do something like this ?
Thanks !
De : Marc Roos <M.Roos@f1-outsourcing.eu>
Envoyé : lundi 22 juin 2020 18:12
À : openldap-technical <openldap-technical@openldap.org>; piwako <piwako@outlook.fr>
Objet : RE: anonymize data
Maybe use acls with different ssf? This way you can keep your queries
the same and extract full data on your own very secure connection?
-----Original Message-----
To: openldap-technical@openldap.org
Subject: anonymize data
Hi all,
I have a question anonymizing data.
My openldap have some confidential data inside and I would like this :
if a person has a flag confidentiality set to 1 (or is in a special ou),
openldap will replace or answer a different data.
For example :
if we request "sn" on this record , it will reply "Smith"
dn: cn=Smith,ou=public,c=com
confidentiality: 0
sn: Smith
if we request "sn" on this record , it will reply "XXX"
dn: cn=Bond,ou=public,c=com
confidentiality: 1
sn: Bond
I'm not sur Openldap can offer this kind of functionnality.
Thanks for your help !