Hi,
Please ignore my question, I have it sussed.
I needed to put the rwm config after ldap-back (which I did) but BEFORE the ACLs, things are now working as expected.
Thanks
Paul
-----Original Message-----
From: paul.osborne@canterbury.ac.uk [mailto:paul.osborne@canterbury.ac.uk]
Sent: 09 May 2011 10:46
To: openldap-technical@openldap.org
Subject: masking LDAP search responses

Hi,
I have an OpenLDAP to AD proxy up and running, and want to restrict the data being returned when a search has completed.
For example if I search for cn=abc1 I get a full response of all data held in our AD for that CN, ie:

filter: (cn=abc1)
dn: cn=abc1......
displayName: Andrew Bertram Carlisle
objectClass: person
mail: abc1@mydomain.com
MEMBEROF: OU=.......
homeDirectory: \fileserver1.myad.mydomain.com\abc1
. . .

Naturally I want to be able to limit the data that is returned to the barest minimum required for the querying service.
I looked at the rwm overlay (slapo-rwm) and think I should be able to do:

overlay rwm
rwm-rewriteEngine on
rwm-map attribute displayName displayName
rwm-map attribute *

So that ONLY the displayName gets shown on the output and the rest of the data is filtered out.
This does not seem to be working though and I am at the point where I have no idea why. Does anyone have any suggestions that may help?
Thanks
Paul
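
The ordering the reply at the top of this thread describes, laid out as a slapd.conf fragment. This is an added example, not the poster's actual configuration: the suffix, URI and access rules are constructed placeholders, and only the rwm lines are taken from the original question.

```conf
# Constructed example: back-ldap proxy in front of AD.
# Suffix and URI are placeholders, not values from the thread.
database        ldap
suffix          "dc=example,dc=com"
uri             "ldap://ad.example.com"

# rwm overlay: after the database (back-ldap) declaration,
# and BEFORE any access directives for this database.
overlay         rwm
rwm-rewriteEngine on
# Keep displayName under the same name on both sides.
rwm-map         attribute displayName displayName
# Local name omitted, foreign name "*": every attribute
# not mapped above is removed from responses.
rwm-map         attribute *

# ACLs for this database come last (constructed placeholders).
# They are a second layer on top of the rwm filtering: even if the
# mapping is later loosened, only displayName is readable.
access to attrs=entry,displayName
        by users read
        by * none
access to *
        by * none
```

Running `slaptest -f` against the edited file checks the syntax before slapd is restarted; an ldapsearch for a known entry should then return only the DN and displayName.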