hello Quanah,

2.5.7.

Brgds,
J-L.

On Thu, Mar 10, 2022 at 11:08 PM Quanah Gibson-Mount <quanah@fast-mail.org> wrote:


--On Thursday, March 10, 2022 3:44 PM +0100 Jean-Luc Bourguignon
<bourguijl@gmail.com> wrote:

>
> Hello Ulrich,
>
>
> After a deep analyze of this "problem", it seems the chaining
> process doesn't work when I use rootdn user to add entries in the DB via
> the replicas.
> If I add them via providers, creatorsname takes the correct rootdn (as
> no chaining action here) but if I do it via replicas, I get replication
> user's DN.
> The chaining process works fine for normal users and gets proxied from
> replicas to providers as I've authzto (regex) rules in the configuration
> of  my replication user.
> I've tried to add a second authzto rule to my replication user as
> authzto {1} dn.exact: cn="rootdn" but it didn't work. Besides that, I
> created a fake rootdn entry in my DB, but same result.


What OpenLDAP release are you using?

--Quanah