On 22 Apr 2012, at 19:10, Peter Marschall wrote:
> Hi,
>
> On Sunday, 22. April 2012, Alexei Znamensky wrote:
>> it looks like a problem to me, but I might be wrong. It seems
>> that Net::LDAP::FilterMatch doesn't cope with filters of the type:
>>
>> (dn=*)
>> (dn=cn=joe doe,ou=somewhere)
>
> DN is not an attribute, it is the object's name.
> These filters are illegal.
> LDAP RFCs do not define filters with DN on the left hand side.
You can have an extensible match filter item that matches against an entry's
DN. RFC 4515 gives a couple of examples in section 4:
(sn:dn:2.4.6.8.10:=Barney Rubble)
(o:dn:=Ace Industry)
(:DN:2.4.6.8.10:=Dino)
But it isn't clear if Alexei wants that or not. Alexei, what are you trying to
do and what's your DIT structure?
Chris
