slapd-meta-rewrite.conf   [plain text]

#
# master slapd config -- for testing of ldap metadirectory rewrite
#
ucdata-path	./ucdata
include		./schema/core.schema
include		./schema/cosine.schema
include		./schema/inetorgperson.schema
#
schemacheck	off
#
pidfile		./meta-db/slapd.pid
argsfile	./meta-db/slapd.args

access to attr=userPassword 
	by anonymous auth
	by self write

access to dn.regex="[^,]+,ou=People,dc=[^,]+,o=Foo Bar,c=US" attr=sn
	by group.exact="cn=Users,ou=Groups,dc=bar,o=Foo Bar,c=US" read
	by * none

access to dn.regex="[^,]+,ou=Groups,dc=[^,]+,o=Foo Bar,c=US" attr=cn
	by group.exact="cn=Users,ou=Groups,dc=bar,o=Foo Bar,c=US" read
	by * none

#access to dn.regex="[^,]+,ou=Groups,dc=[^,]+,o=Foo Bar,c=US" attr=cn
#	by dnattr=member read
#	by * none

access to * 
	by * read

#######################################################################
# ldap database with suffix massage definitions
#######################################################################

include		./slapd-ldap.conf

#######################################################################
# ldbm database definitions
#######################################################################

include		./slapd-ldbm.conf

#######################################################################
# meta database definitions
#######################################################################

database	meta
suffix		"o=Foo Bar,c=US"
dncache-ttl	forever
lastmod		off
rootdn		"cn=root,o=Foo Bar,c=US"
rootpw		foo

uri		"ldap://localhost:@PORT@/ou=People,dc=foo,o=Foo Bar,c=US"
pseudorootdn	"cn=Root,ou=People,dc=foo,dc=example,dc=com"
pseudorootpw	ldap
rewriteEngine	on
rewriteContext	default
rewriteRule	"(.*)o=Foo Bar,[ ]?c=US" "%1dc=example,dc=com"
rewriteContext	searchResult
rewriteRule	"(.*)dc=example,[ ]?dc=com" "%1o=Foo Bar,c=US"
rewriteContext	searchFilter
rewriteRule	"(.*)member=([^)]+),o=Foo Bar,[ ]?c=US(.*)" "%1member=%2,dc=example,dc=com%3"

uri		"ldap://localhost:@PORT@/ou=People,dc=bar,o=Foo Bar,c=US"
pseudorootdn	"cn=Root,ou=People,dc=bar,dc=example,dc=com"
pseudorootpw	ldap
rewriteEngine	on
rewriteContext	default
rewriteRule	"(.*)o=Foo Bar,[ ]?c=US" "%1dc=example,dc=com"
rewriteContext	searchResult
rewriteRule	"(.*)dc=example,[ ]?dc=com" "%1o=Foo Bar,c=US"
rewriteContext	searchFilter
rewriteRule	"(.*)member=([^)]+),o=Foo Bar,[ ]?c=US(.*)" "%1member=%2,dc=example,dc=com%3"
default-target
map		attribute givenName sn

uri		"ldap://localhost:@PORT@/ou=Groups,dc=bar,o=Foo Bar,c=US"
rewriteEngine	on
rewriteContext	default
rewriteRule	"(.*)o=Foo Bar,[ ]?c=US" "%1dc=example,dc=com"
rewriteContext	searchResult
rewriteRule	"(.*)dc=example,[ ]?dc=com" "%1o=Foo Bar,c=US"
rewriteContext	searchFilter
rewriteRule	"(.*)member=([^)]+),o=Foo Bar,[ ]?c=US(.*)" "%1member=%2,dc=example,dc=com%3"