Philip Brusten wrote: > Hi > > We have set up an LDAP proxy (slapd-ldap) in front of a NetIQ eDirectory. > > The LDAP-client which connects to the proxy uses an extended operation, but > the request fails because the proxy is not aware of this extension: > > do_extended: unsupported operation "2.16.840.1.113719.1.39.42.100.... > RESULT tag=120 err=2 text=unsupported extended operation > > # ldapsearch -H ldaps://proxy:port -b '' -s base -D <snip> -W -LLL > supportedExtension > Enter LDAP Password: > dn: > supportedExtension: 1.3.6.1.4.1.1466.20037 > supportedExtension: 1.3.6.1.4.1.4203.1.11.1 > supportedExtension: 1.3.6.1.4.1.4203.1.11.3 > supportedExtension: 1.3.6.1.1.8 > > Whereas the NetIQ eDirectory back-end supports lots of custom NetIQ > extensions: > > # ldapsearch -H ldaps://backend:port -b '' -s base -D <snip> -W -LLL > supportedExtension > Enter LDAP Password: > dn: > supportedExtension: 2.16.840.1.113719.1.39.42.100.1
> Is there a way to allow these extensions on the proxy? Write yourself a dynamic module to register those extension OIDs in back-ldap. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
