Howard Chu writes:
It is your application's responsibility to convert between local time
and GMT when interacting with the directory.
Remember that LDAP is a wide area system, accessible from anywhere in
the world. Storing local time in the directory would be
meaningless for
clients that don't understand your timezone's rules, but all computer
systems know how to handle GMT.
That's not right. Remember that the Generalized Time syntax (used by
e.g. modifyTimestamp) requires a suffix with the timezone: Either 'Z'
for GMT, or '+/-hh[mm]'. Clients don't need to know any particular
timezone's rules to handle that, they only need to know how to convert
between specified timezones.
So OpenLDAP could be patched with an option to create attributes like
modifyTimestamp: 20070419225007+0200
instead of modifyTimestamp: 20070419205007Z
though I don't know how much code assumes the 'Z' format is used.