Le 06/08/2012 23:05, Guillaume Rousse a écrit :

I read rwm man page carefully, but it is a bit tough to understand. So, how am I supposed to achieve this ?

RTFMing even more carefully, I finally managed to produce this working configuration:

database relay suffix ou=users,dc=domain relay ou=people,dc=domain overlay rwm rwm-suffixmassage ou=people,dc=domain rwm-map attribute uid localLogin rwm-map attribute uid rwm-rewriteEngine on rwm-rewriteContext bindDN rwm-rewriteMap slapd localLogin2uid "ldap:///ou=people,domain?uid?sub?localLogin=" rwm-rewriteRule "^uid=([^,]+?),ou=users,domain$" "uid=${localLogin2uid($1)},ou=people,domain" ":@I"

Everything works OK, excepted than as soon as I enable ppolicy, the server crashes...

That's not the latest available openldap version, but a centos build. However, I couldn't find anything in the changelog related to interactions between rwm and ppolicy, so I wonder if testing with a self compiled binary would help, excepted in ensuring the problem still exist in current version.

Here is gdb stack trace, if it helps. The centos debug package apparently doesn't match the release package (CRC mismatch in symbol files) so symbol resolution is unavailable.

(gdb) bt #0 0x0000000000000031 in ?? () #1 0x00007f7699c5e790 in bdb_reader_get () #2 0x00007f7699c68857 in bdb_entry_get () #3 0x00007f7699c1e0f9 in overlay_entry_get_ov () #4 0x00007f7699c1ec47 in ?? () #5 0x00007f7695ed4cb3 in ?? () from /usr/lib64/openldap/ppolicy-2.4.so.2 #6 0x00007f7699bc28be in ?? () #7 0x00007f7699bc560e in ?? () #8 0x00007f7699bc65d0 in slap_send_ldap_result () #9 0x00007f7699bd0509 in fe_op_bind_success () #10 0x00007f7699bd0c9f in fe_op_bind () #11 0x00007f7699bd1479 in do_bind () #12 0x00007f7699bb2369 in ?? () #13 0x00007f7699bb2cbd in ?? () #14 0x00007f7699cb2738 in ?? () #15 0x00007f7697b3b7f1 in start_thread () from /lib64/libpthread.so.0 #16 0x00007f769767eccd in clone () from /lib64/libc.so.6