[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Difference between 2.4.30 and 2.3.43 in certificateMatch.
- To: openldap-technical@openldap.org
- Subject: Difference between 2.4.30 and 2.3.43 in certificateMatch.
- From: Mike Hulsman <mike@hulsman.net>
- Date: Tue, 27 Nov 2012 15:36:03 +0100
- Content-disposition: inline
- User-agent: Dynamic Internet Messaging Program (DIMP) H3 (1.1.4)
Hi,
I stumbled upon an difference between openldap 2.4.30 and 2.3.43.
This is my configuration.
X509 certificates are stored in the directory and a search is done with:
(&(mail=aaa@a.b)(userCertificate:certificateMatch:=<binary
certificate)) if that is a match the uid must be returned.
That is working on 2.3.43 but when I try that on 2.4.30 it does not
work and I start debugging I see
filter="(&(mail=aaa@a.b)(?=undefined))" in the logfiles.
The request is the same on both openldap servers, I copied the
schema's and the acl's are the same.
A slapcat on 2.3.43 is done and imported on 2.4.30
An ldapsearch on both servers for that user is returning the same data.
Do I need some more configuration for the 2.4.30 version or am I doing
something wrong.
The 2.3.43 version is working properly, but I want to update to 2.4.xx
for better replication.
Kind regards.
Mike Hulsman
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.