UTF-8 support and other quirks in the LDAP backend (in 2.2.4).

[Shahms E. King]

> One problem we uncovered is that the backend needs to convert all strings 
> stored in LDAP to/from UTF-8. This mainly affects users real names which 
> look quite borked if they contain non 7bit ASCII chars. Some LDAP servers 
> will let you use any charset but OpenLDAP likes to enforce UTF-8 (also the 
> LDAPv3 standard mandates it).

Well, that's what I get for living in the US, i18n bugs don't tend to
bite me in the butt.

> Binding to the LDAP server with v3 of the protocol would be nice, since v2 
> is deprecated in OpenLDAP v2.1 (OK, so v2.1 isn't ready for prime time 
> yet, but it's still nice to get it done).

We do bind in v3 if it's supported, otherwise we fall back to v2 (or at
least, we used to, but I'm pretty sure it hasn't changed.)

> Sane defaults need to be added for optional attributes, for example 
> pwdMustChange ought to be never if it's not present in the users 
> record.

This sounds suspiciously like the (more serious) rid issues that
happened a while ago, but I don't think it should be something that is
too difficult to fix; then again, I haven't looked at pdb_ldap.c in a
while.

> My question is if anyone is actively working on the LDAP backend and if 
> the above problems will be fixed soon. Else I will start working on it 
> myself and submit some patches.

I don't know about the other contributors, but I personally am no longer
actively working on it.  I do, however, maintain an active interest in
it, and if I'm mistaken about binding with version 3, that is something
I will address.  I am, however, woefully lacking knowledge about
character set conversions at the moment, so if you would care to take
care of those issues I (and the rest of the non-English speaking, LDAP
and Samba using world) would be grateful.

--Shahms