Hello Quanah,
2.5.7.
Brgds, J-L.
On Thu, Mar 10, 2022 at 11:08 PM Quanah Gibson-Mount quanah@fast-mail.org wrote:
--On Thursday, March 10, 2022 3:44 PM +0100 Jean-Luc Bourguignon bourguijl@gmail.com wrote:
Hello Ulrich,
After a deep analysis of this "problem", it seems the chaining process doesn't work when I use the rootdn user to add entries in the DB via the replicas. If I add them via providers, creatorsname takes the correct rootdn (as no chaining action here) but if I do it via replicas, I get the replication user's DN. The chaining process works fine for normal users and gets proxied from replicas to providers as I've authzto (regex) rules in the configuration of my replication user. I've tried to add a second authzto rule to my replication user as authzto {1} dn.exact: cn="rootdn" but it didn't work. Besides that, I created a fake rootdn entry in my DB, but same result.
What OpenLDAP release are you using?
--Quanah