Bug#583319: [Pkg-openldap-devel] Bug#583319: slapd: built-in schema for uidNumber/gidNumber does not have ordering directive
Arthur de Jong adej...@debian.org 2010-07-29 22:53: On Tue, 2010-07-27 at 18:17 -0700, Quanah Gibson-Mount wrote: In any case, adding an ORDERING rule for them breaks the RFC's, and OpenLDAP does its best to remain RFC compliant in core features. I would suggest filing a new RFC that updates the rules for these attributes. You may be interested in this: http://tools.ietf.org/html/draft-howard-rfc2307bis-02 Though it has not seen much activity lately and the status is somewhat unclear. -- -- arthur - adej...@debian.org - http://people.debian.org/~adejong -- Goodie, I was wondering how I would go about starting an RFC. Seemed a bit intimidating for such a simple thing as allowing an ordering constraint :) In the meantime I've hacked up a solution for us that adds locally defined attributes that do include the ORDERING constraint to all local account and groups objects which are generated from a database. Now people can put filters like this in their libnss-ldap.conf: nss_base_group ou=Group,o=Local?one?localGID=1000 Thanks, Brian signature.asc Description: Digital signature
Bug#583319: [Pkg-openldap-devel] Bug#583319: slapd: built-in schema for uidNumber/gidNumber does not have ordering directive
On Tue, 2010-07-27 at 18:17 -0700, Quanah Gibson-Mount wrote: In any case, adding an ORDERING rule for them breaks the RFC's, and OpenLDAP does its best to remain RFC compliant in core features. I would suggest filing a new RFC that updates the rules for these attributes. You may be interested in this: http://tools.ietf.org/html/draft-howard-rfc2307bis-02 Though it has not seen much activity lately and the status is somewhat unclear. -- -- arthur - adej...@debian.org - http://people.debian.org/~adejong -- signature.asc Description: This is a digitally signed message part
Bug#583319: [Pkg-openldap-devel] Bug#583319: slapd: built-in schema for uidNumber/gidNumber does not have ordering directive
--On Tuesday, July 27, 2010 6:14 PM -0500 Brian Kroth bpkr...@gmail.com wrote: A diff of a dump of the cn=schema,cn=config object doesn't show any changes before or after the ldapmodify. Ugh, those are both hard coded into slapd. You'll have to modify the source code and build your own slapd for this. In any case, adding an ORDERING rule for them breaks the RFC's, and OpenLDAP does its best to remain RFC compliant in core features. I would suggest filing a new RFC that updates the rules for these attributes. --Quanah -- Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc Zimbra :: the leader in open source messaging and collaboration -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#583319: [Pkg-openldap-devel] Bug#583319: slapd: built-in schema for uidNumber/gidNumber does not have ordering directive
--On Thursday, May 27, 2010 1:57 AM +0100 Stephen Gran sg...@debian.org wrote: Package: slapd Version: 2.4.11-1+lenny1 Severity: normal Hello, It is frequently useful to be able to do searches like (uidNumber=1). This used to be possible by munging the NIS schema to include: ORDERING integerOrderingMatch on the uidNumber and gidNumber attributes. Now that the attributes are built in, this is not possible. Please consider adding an ORDERING directive to the attribute definition. Why don't you just modify it, using ldapmodify against the cn=config database? I don't see anything here for Debian to do. I would suggest, of course, using a current release, given the antiquity of 2.4.11 at this point. --Quanah -- Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc Zimbra :: the leader in open source messaging and collaboration -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org