Thomas Wunder wrote:
Hi, I need some kind of overlay which allows me to rewrite attribute values. I.e. if there's an object "cn=a,ou=src,dc=my,dc=com" which has attributes like memberUid="uid=usrA,ou=rest,ou=of,dc=the,dc=dn" and memberUid="uid=usrB,ou=rest,ou=of,dc=the,dc=dn" I want that overlay to suffixmassage (or whatever) it to an object like "cn=b,ou=dst,dc=my,dc=com" where for example memberUid="usrA" memberUid="usrB" but the rest (i.e. other Attributes like 'gidNumber', 'userPassword',
'description',...) of the object should be identical to the 'source'-object.
The whole thing is needed because slapo-autogroup puts in full DNs as
attribute values but my client programs (e.g. nss-ldapd) expect only a plain username to be there. In practical this means that I need to have that overlay to split the values of a particular type of attribute (like 'memberUid') and extract a particular part of it.
You're misusing the schema here. The memberUid attribute is only for simple user IDs, not DNs.
It would be very nice if it was possible to use regular expressions with
backreferences for matching/rewriting the values or if there was a chance to 'plug in' an external program which accomplishes that job. (As far as i know slapo-rwm is only capable of rewriting dn's and attribute names etc. but no values, isn't it? So i need something else...)
slapo-rwm rewrites DNs in DN-valued attributes as well. "DN-valued" meaning that the attribute's syntax is distinguishedName. It does not rewrite any other attributes.
Thanks in advance! Tom