Jonathan Clarke wrote:
This means that the same search, on the same data, can return different
results at different times, depending on whether or not a previous
search had succeeded and returned given attribute (samAccountName).
Currently, we have worked around this problem by either:
- running a bogus ldapsearch just after starting slapd, that returns
this attribute
- adding the attribute description to a local schema
What is the general opinion on working around this issue? Might there be
a way to implement something that ensures this happens automatically?
I'm thinking of delegating filter checking to proxied servers for ldap
backends, or automatically fetching schemas from them... Any experience,
ideas?
A properly configured server will have all of the schema definitions for every
data item it serves. I would expect that you could use your colleague's schema
downloader to automate this setup.
http://www.openldap.org/its/index.cgi/Contrib?id=3429
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
