On Sat, 2008-01-12 at 11:09 +0100, Pierangelo Masarati wrote: > Pierangelo Masarati wrote: > > Andrew Bartlett wrote: > > > >> Attached is what I ended up with, for OpenLDAP. > >> > >> How easy would it be for your patch to handle all attribute names in a > >> DN, rather than a list? > > > > My example changes the case of the listed attributeTypes at startup; > > would what you suggest be the same? Namely, you configure the module > > with a DN and all it needs is parse the DN and uppercase the naming > > attributes in that DN, > > Please forget about the above > > > or should it be something done run-time, any time > > a DN needs to be prettified? > > This should do the trick: <http://www.sys-net.it/~ando/Download/nsdn.c>. > > With respect to making sure the parent's DN and the parent portion of an > entry's DN exactly match, I think we need to intercept add operations to > enforce that. Or, in general, this change could be beneficial to slapd: > since we're checking for the existence of the parent anyway, we could > rebuild the entry's DN using the normal/pretty RDN and the parent's DN. I also use the same check to validate the schema, as AD has a concept of 'allowed child classes'. But yes, I think it's a very good idea. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc.
Attachment:
signature.asc
Description: This is a digitally signed message part