Victor Sudakov wrote: > Michael Str?der wrote: >>> "Be liberal in what you receive and conservative in what you send" is >>> a good old rule. >> >> If you change the subschema subentry you change something sent to the client. > > I still don't understand what's so bad about being able to request the > ordering of the 'cn' attribute. Actually the client could request that. >> I'd argue: Ask Microsoft to make it configurable. > > Not that I very much like Microsoft or am trying to defend them, but > they *have* made it configurable. You can set DisableVLVBrowsing=1 and > Outlook becomes compatible with OpenLDAP. It turns off addressbook > browsing, of course, but searching still works. Since you insist on using a rather unusable feature you should probably dive into RFC 2891 and look at this: SortKeyList ::= SEQUENCE OF SEQUENCE { attributeType AttributeDescription, orderingRule [0] MatchingRuleId OPTIONAL, reverseOrder [1] BOOLEAN DEFAULT FALSE } The LDAP client can (optionally) define which ordering matching rule to use for a particular attribute type. So ask M$ to send 'orderingRule' in the SSS request control if they do not send it yet. I'm too lazy to check in the PCAP data you posted before. Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature