Hello all,
we want to ensure that all entries added to the member and manager attributes are valid DNs and point to existing objects in our LDAP. We had the refint overlay do this on version 2.2 but as it seems 2.3 removed this undocumented feature. We lately moved to 2.5 and have issues with faulty entries.
When I tried to configure the overlay with:
olcConstraintAttribute: member uri ldap:///dc=example,dc=com?dn?sub?(objectClass=*)
or
olcConstraintAttribute: member uri ldap:///dc=example,dc=com??sub?(objectClass=*)
or both URIs with an actual objectClass specified, my slapd (2.5.19) crashes on the URI verification step as it seems.
Is my usage of the overlay itself correct (including the URI) or is there a better way to ensure the existence of an referenced object?
Thanks a lot!
Best, Adrian