I wonder: Isn't it comparable to UNIX symbolic links, where you need special functions to read the link itself?
-----Original Message----- From: Marc Marc@f1-outsourcing.eu Sent: Tuesday, September 24, 2024 9:05 AM To: Joril jorilx@gmail.com; openldap-technical@openldap.org Subject: [EXT] RE: ldapsearch by aliased objectClass
I've created an alias by following the FAQ at https://www.openldap.org/faq/data/cache/1111.html
dn: uid=alias,ou=People,dc=example,dc=net objectclass: alias objectclass: extensibleObject uid: alias aliasedobjectname: uid=target,ou=Retired People,dc=example,dc=com
The problem I'm facing is that this needs to be queried by an application (out of my control) that queries LDAP looking for a particular objectClass, like this:
(&(objectClass=person)(uid=alias))
This query misses the alias, I guess because the alias object has just "alias" and "extensibleObject" as classes... Is this expected? Is there a way to work around this, server-side? I mean, to tell the LDAP server to look for "aliased" properties?
Interesting question! I was also thinking of using aliases. Maybe there is some overlay that facilitates this. Curious to see what answers you get.