> This is an interesting idea but the "account balance" is IMHO no > more sensitive than the userPassword which is/can be protected adequately. It's a matter of best practices. Whatever business logic you're using to decide if the "account balance" is high enough doesn't belong in your LDAP clients (imho). --Derek