LDAP backend TODO: Determine the real behaviour of DN+String and DN+Binary
Stefan (metze) Metzmacher
metze at samba.org
Fri Oct 22 01:53:19 MDT 2010
Am 22.10.2010 05:58, schrieb Andrew Bartlett:
> The next big task, as I mentioned on mumble yesterday, for us to do on
> the OpenLDAP backend is to correctly test and implement the DN+String
> and DN+Binary matching rules.
> Once we have positive tests for these rules, then we can ask the
> OpenLDAP team to implement them, but we want to make sure we ask once,
> for the right thing (I may have already muddied the waters here, so I
> want to try again once, with the right info).
> The things we need to find out are:
> If I search on a DN+String attribute, does it match against the DN, or
> the DN+String. Likewise for the DN+Binary.
> If I attempt to add a duplicate DN+String value to an attribute, does it
> conflict (only unique values allowed in LDAP) based on the DN, or the DN
> +String. Likewise for DN+Binary.
There's also documentation about this, see [MS-ADTS] 220.127.116.11.2 Syntaxes.
Basicaly we need to prove the documentation with tests.
We should also try things like specify all possible matching rules,
explicit in the search request and use them for unrelated attributes.
E.g. use a Interger matching rule for a dn attribute.
Section 18.104.22.168.2.4 Supported Comparison Operations show most of it.
We need tests to prove that specified things work and the unspecified
things don't work.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 262 bytes
Desc: OpenPGP digital signature
More information about the samba-technical