Chris Mattmann schrieb: > Hi Emmanuel, > > Seems that PLA is doing a query with attr=''. On ApacheDS this returns > everything: dn and all attributes. I guess on more than 2 to 3 other LDAP > servers, this only returns the dn.
To request only the DN you should request attribute "1.1", see RFC4511, section 4.5.1.8 [1]. > See above link for more details. Any ideas here -- is this an ApacheDS > specific thing, or is there an RFC on this? Also, I would be happy to work > with you guys to contribute a patch should the need arise, just let me know > and thanks for all your help! I tested with the ldapsearch command line: ldapsearch -H ldap://localhost:10389 -x -D "uid=admin,ou=system" -W -b "ou=users,ou=system" -s base -a always "(objectClass=*)" "" Please note the empty "" at the end of the command. ApacheDS returns all user attributes, OpenLDAP returns no attributes. A second test: ldapsearch -H ldap://localhost:10389 -x -D "uid=admin,ou=system" -W -b "ou=users,ou=system" -s base -a always "(objectClass=*)" " " Please note the " " with the space at the end of the command. In that case ApacheDS returns an protocol error, I'll create a Jira for that: # extended result response extended: 1.3.6.1.4.1.1466.20036 data: result: 2 Protocol error text: PROTOCOL_ERROR: The server will disconnect! Kind Regards, Stefan [1] http://tools.ietf.org/html/rfc4511#section-4.5.1.8
