Hello Ralf, nice to know that someone from Novell is reading here, too.
Currently I have opened up a Service Request regarding this topic at Novells Suport Center and pointed that out as a Feature Request but also as problem I and other people have and are lookinf for a workaround. Too bad I am really low experienced in building complex ACLs to filter stuff like this, maybe someone else is able to help us (James and me) to workaround that problem. I'll give it a shot and let you know if it's working or not. :) Bye, Benjamin. On Tue, Nov 2, 2010 at 16:05, Ralf Haferkamp <[email protected]> wrote: > Am Donnerstag 28 Oktober 2010, 19:57:17 schrieb Benjamin Griese: >> Hello James, >> >> thanks for replying giving us your opinion. >> Sometimes I thought I was the only person who has the problem you're >> talking of. I am in the same dilemma as you are, using SLES11 /w SP1 >> and have a not working solaris nativ ldap client oder downgrading to >> SLES1 /wo SP1 but using a rather outdated version of OpenLDAP 2.4.12 >> but seems to work with the solaris ldap client and your outlook 2003 >> client. >> >> The problem is, Novell won't release any package changes in endless >> time, probably für SP2 at earliest point in time. To get/keep it >> working you have to stay on the older version and I have to downgrade. >> This is a quite annoying state of a problem we have here. > FYI, we (Novell) are currently working on releasing an update to fix this > problem. I can't tell you when it will get released, yet. But it will for > sure be before SLES11 SP2. > > Until then a possible workaround could be to use some clever ACL to > filter the OIDs of VLV and Server Side Sort from the supportedControl > Attribute of the rootDSE. > >> I'll point out the problem to my boss, maybe there is something I can >> do about it, but for my own laziness, I don't want to regurlarly check >> for/download/recompile the OpenLDAP package in the lifetime of the >> server to fix some particular security issues. >> >> So what are we going to do in the meantime? At my site, everything >> except listing of user/groups is working on the client side, not that >> big of an issue, but thats also true for dynamic lists that I wanted >> to use and thats a big issue. :/ >> >> How is your state and how big is the problem? >> >> Bye, Benjamin. >> >> PS: Dieter, I tried to get the list of supported controls from the >> server via the solaris client, but had not luck. >> > [..] > > -- > Ralf > > SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) > -- To be or not to be -- Shakespeare | To do is to be -- Nietzsche | To be is to do -- Sartre | Do be do be do -- Sinatra
