On Thu, 2006-01-19 at 17:08 -0500, Joshua Myles wrote:
Apparently, the proxy doesn't know about "foobarUniqueIdentifier" and
thus DN normalization fails. You should extend the proxy schema with
those items it's intended to proxy. Note that OpenLDAP 2.3 contains
some provisions to automatically extend the schema of proxied data;
apparently, you're not doing things in the "right" sequence (for
example, if a previous operation returned "foobarUniqueIdentifier", it
would have made it into the "proxied" attrs set, and it would have been
"blindly" accepted in DN normalization; however this is sort of a
workaround. The best solution is to extend the schema of the proxy.
[advertisement: SysNet developed custom tools to do this automatically
from flat file or from remote server, one-shot or periodically; they
also fix known flaws and issues in third party and older OpenLDAP DSA
schemas].