Re: back-ldap: proxying legacy apps to legacy or V3 servers

[Pierangelo Masarati <masarati@aero.polimi.it>]

"Randall S. Winchester" wrote:
> 
> Is there not some library routine that the current slapd uses when a
> LDAP-V2 client connects to it?
> 
> I would think it acceptable for the proxy to only support ;
> 
> 1) LDAP-V2 client <-- LDAP-V2 server
> 2) LDAP-V3 client <-- LDAP-V3 server
> 3) LDAP-V2 client <-- LDAP-V3 server supporting LDAP-V2 clients
> 
> and not support
> 
> 4) LDAP-V3 client <-- LDAP-V2 server
> 
> Then the only conversion would be for "3)" which I would think is already
> supported somehow?

As Howard said, it is not; only option 2) is truly supported (to the
extent
OpenLDAP client library and server implement LDAPv3); all the other 
combinations (of course option 4) is not) are supported as soon as the
attribute
values stick with the common part of T61 UTF-8 (plain ascii or so, I
guess).
The fact the current implementation also speaks LDAPv2 is a matter of
protocol
(i.e., I assume, supported/understood ber tags) which has little to do
with
the values that are transported.  The latter are always UTF-8,
regardless 
of the requested/agreed protocol version (or, at least, that's how I
understand 
it; someone else perhaps may better clarify this point).

Pierangelo.

-- 
Dr. Pierangelo Masarati               | voice: +39 02 2399 8309
Dip. Ing. Aerospaziale                | fax:   +39 02 2399 8334
Politecnico di Milano                 |
mailto:pierangelo.masarati@polimi.it
via La Masa 34, 20156 Milano, Italy   |
http://www.aero.polimi.it/~masarati