ldap attribute aliases

Howard Chu hyc at highlandsun.com
Sat Jan 15 09:47:03 GMT 2005

Andrew Tridgell wrote:
> Howard,
>  > "right" is subjective in this case, since these short names are just 
>  > another wart in the ugliness of the LDAP protocol.
> I don't think it is at all subjective from a users point of view. Can
> you show me any way to write working LDAP client code against the
> current OpenLDAP server that makes use of the second name for an
> attribute without having to also know about the first name?
> If the answer is that it can't be done then surely either removing the
> ability to have secondary names for attributes or fixing it to return
> the attribute name that was asked for are the only two options.

By all means, your software should assume that there are no secondary 
names. Think of them as just a transitional aid, to allow newer servers 
and clients to deal with data generated by older clients. Any 
contemporary software should only use the canonical name.

   -- Howard Chu
   Chief Architect, Symas Corp.       Director, Highland Sun
   http://www.symas.com               http://highlandsun.com/hyc
   Symas: Premier OpenSource Development and Support

More information about the samba-technical mailing list