ldap attribute aliases
hyc at highlandsun.com
Sat Jan 15 07:09:45 GMT 2005
Luke Howard wrote:
>>- When you search for 'commonName' in an OpenLDAP server you get back
>> the attribute name 'cn', not 'commonName'. That seems very strange
>> to me. Is that just an OpenLDAP bug? It seems to be quite strange
>> from an API point of view, as it means that the application doing
>> the query then has to know about the alias, which makes the alias
>> quite useless. I would expect an LDAP server to return the name the
>> client used, not a canonicalized name, but this is just me trying
>> to apply common sense, not from reading the rfc.
> That's a good question -- Howard?
This is by design, yes. The OpenLDAP server returns the canonical name
for any attributeTypes that it recognizes. The guiding policy here is
"be liberal in what you accept, but strict in what you produce."
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
Symas: Premier OpenSource Development and Support
More information about the samba-technical