Hi,

thanks for a second time for this great piece of software. Today I tried
out delegate as ldap-to-ldaps proxy. After one hour for reading manual
and building the config everything works :)

Now I have this delegated.conf:

-P192.168.25.50:389
SERVER=ldap
FSV=sslway
PERMIT="ldap:1.2.3.4:*"
VARDIR=${EXECDIR}

1.2.3.4 is replaced and is - of course - the IP of my ldap server.

But following problem:
Querying the proxy for user xyz gives me an invalid DN of the user:

$ ldapsearch -b "ou=group,dc=uni-xy,dc=de@3..:636" -D
"cn=proxuser,ou=proxygroup,dc=uni-xy,dc=de" -w - -h 192.168.25.50 -p 389
'(uid=xyz)'
Enter bind password:
version: ...
dn: uid=xyz,ou=group,dc=uni-xy,dc=de@3..:636
gidNumber: ...
cn: ...
givenName: ...
sn: ...
uidNumber: ...

Look at the "dn". Why is there the "@1.2.3.4:636" suffix?

Some applications do use the dn for a connect with this user.
And this user does not exist. -> error :(


Is there a possibility to play with this "MOUNT" option in delegate, so
I can omit the "@1.2.3.4:636" in the base-dn?
The 1.2.3.4 is the only server I want to connect with.

Would this help for this dn-problem?


Thanks in advance.

Kevin