--On Thursday, June 23, 2022 5:21 PM -0400 Kartik Subbarao subbarao@computer.org wrote:
I'm able to specify rwm bindDN rules without password-policy enabled just fine, like this one:
rwm-rewriteContext bindDN rwm-rewriteRule "^([^=]+)=([^@]+)@olddomain.com(.+),dc=olddomain,dc=com$" "$1=$2@newdomain.com$3,dc=newdomain,dc=com" ":@"
However, when I enable password policy (which also works fine on its own), slapd segfaults.
I'm mulling over how much additional time to spend on this. rwm is a very elegant solution to a current issue that could save me a bunch of time to set up additional LDAP servers with the renamed data. If this is an isolated bug for which a quick fix might be possible, I might investigate further.
But if it's a thorny issue or just the tip of the iceberg of things where rwm might break unexpectedly, then it may be better for me to consider other options. OpenLDAP developers, what do your instincts say on this?
If slapd segfaults, an ITS with clear reproduction steps should generally be filed. I would note that you have not specified the OpenLDAP release on which you encountered this problem. There's been a lot of (relatively) recent work in fixing segfault items when using slapo-rwm, so it would be helpful to know what release you hit this on.
Regards, Quanah