HI!
I'm trying to use slapo-rwm to simplify bind-DNs used. I'm also using slapo-lastbind to record the last simple bind timestamp and slapo-ppolicy also for recording pwdFailureTime.
Using latest RE24 of course.
Something like this defined *within* the database section:
---------------------- snip ----------------------
overlay accesslog
[..]

rwm-rewriteMap slapd uid2dn "ldap:///o=example?entryDN?sub?"
rwm-rewriteContext bindDN
rwm-rewriteRule "^(uid=[^,]+),o=example$" "${uid2dn($1)}" ":@I"

overlay lastbind

overlay ppolicy
ppolicy_default cn=ppolicy-default,cn=ampua,ou=ampua
ppolicy_hash_cleartext
ppolicy_use_lockout

slapo-lastbind correctly updates the attribute 'authTimestamp' in the entry referenced by the rewritten bind-DN.

slapo-ppolicy does *not* correctly update the attribute 'pwdFailureTime' in the entry referenced by the rewritten bind-DN.
---------------------- snip ----------------------
Any idea what's going on?
BTW: Using the rwm-rewriteMap in a MMR setup causes seg faults in a running provider slapd when bringing up another empty provider. Have to examine that further though.
Ciao, Michael.
Michael Ströder wrote:
I'm trying to use slapo-rwm to simplify bind-DNs used. I'm also using slapo-lastbind to record the last simple bind timestamp and slapo-ppolicy also for recording pwdFailureTime.
Using latest RE24 of course.
Something like this defined *within* the database section:
---------------------- snip ----------------------
overlay accesslog
[..]

rwm-rewriteMap slapd uid2dn "ldap:///o=example?entryDN?sub?"
rwm-rewriteContext bindDN
rwm-rewriteRule "^(uid=[^,]+),o=example$" "${uid2dn($1)}" ":@I"

overlay lastbind

overlay ppolicy
ppolicy_default cn=ppolicy-default,cn=ampua,ou=ampua
ppolicy_hash_cleartext
ppolicy_use_lockout

slapo-lastbind correctly updates the attribute 'authTimestamp' in the entry referenced by the rewritten bind-DN.

slapo-ppolicy does *not* correctly update the attribute 'pwdFailureTime' in the entry referenced by the rewritten bind-DN.
---------------------- snip ----------------------
Hmm, updating 'pwdFailureTime' works after moving the rewrite stuff to global configuration section. Hope this does not break something else.
slapo-rwm is scary.
Ciao, Michael.
openldap-technical@openldap.org