Hello all,
we want to ensure that all entries added to the member and manager
attributes are valid DNs and point to existing objects in our LDAP. We
had the refint overlay do this on version 2.2 but as it seems 2.3
removed this undocumented feature. We lately moved to 2.5 and have
issues with faulty entries.
When I tried to configure the overlay with:
olcConstraintAttribute: member uri
ldap:///dc=example,dc=com?dn?sub?(objectClass=*)
or
olcConstraintAttribute: member uri
ldap:///dc=example,dc=com??sub?(objectClass=*)
or both URIs with an actual objectClass specified, my slapd (2.5.19)
crashes on the URI verification step as it seems.
Is my usage of the overlay itself correct (including the URI) or is
there a better way to ensure the existence of an referenced object?
Thanks a lot!
Best,
Adrian
