[Date Prev][Date Next] [Chronological] [Thread] [Top]
Re: (ITS#5760) attribute hiding in rwm overlay

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#5760) attribute hiding in rwm overlay
From: brett.maxfield@gmail.com
Date: Sat, 24 Jan 2009 16:54:31 GMT
--001485f01b2867b84704613d5bd9
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

On Sun, Jan 25, 2009 at 12:53 AM, Pierangelo Masarati <ando@sys-net.it>wrote:

>
>  If so, i can still see the behaviour here with 2.4.13, i can see
>> operational
>> attributes, but non non-operational attributes, when mapping both
>> objectclass and attribute..
>>
>> Bug seems to be focused on using of *, rather than an explicit list of
>> non-operational attrs which works, ie :
>>
>> I can search for attributes with * ( get all non-operational attributes )
>> and don't get any non-operational attributes, whereas explicitly adding
>> any
>> non-operational attribute will result i a search returning the named
>> values,
>> which is allowable via the objectclass maps.
>>
>> seems to work the same (omitting non-oprational attrs), even if i dont
>> specufy the objectclass rwm maps.
>>
>
> Not sure I understand.  Can you post simple (both working and not working)
> examples?
>

Last time i looked at this after release of 2.4.13 it was not working. Eg:
given attribute maps:

# these dont work
rwm-map attribute cn *
rwm-map attribute sn *
rwm-map attribute givenName *
rwm-map attribute mail *
rwm-map attribute c *
rwm-map attribute o *
rwm-map attribute ou *

# these work
rwm-map attribute hasSubordinates *
rwm-map attribute subschemaSubentry *
rwm-map attribute entryUUID *

# this enabled
rwm-map attribute *

I could see operational attributes, in response to having + in the attribute
list when querying, and would get all operational attributes without naming
them specifically. But i could not similarly use *, to return all
non-operational attributes without specifying them individually.

As most ldap browsers default to using *,+ in the attribute list, i could
only see operational attributes when using an ldap browser with it's default
settings.

However if i specifically put  cn,sn,givenName,etc., in the attribute list
instead of using the shortcut *,+ i could get non-operational attributes
(cn,sn,givenName,etc.,) showing normally in queries.

The specific configs are not around anymore, but the snippit above from the
ITS covers the important rwm-map bits.

I will try to duplicate my previous results in detail, with debugging, to
help diagnose this further...

Cheers
Brett

--001485f01b2867b84704613d5bd9
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<br><div class=3D"gmail_quote">On Sun, Jan 25, 2009 at 12:53 AM, Pierangelo=
 Masarati <span dir=3D"ltr">&lt;<a href=3D"mailto:ando@sys-net.it";>ando@sys=
-net.it</a>&gt;</span> wrote:<br><blockquote class=3D"gmail_quote" style=3D=
"border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padd=
ing-left: 1ex;">
<div class=3D"Ih2E3d"><br>
<blockquote class=3D"gmail_quote" style=3D"border-left: 1px solid rgb(204, =
204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
If so, i can still see the behaviour here with 2.4.13, i can see operationa=
l<br>
attributes, but non non-operational attributes, when mapping both<br>
objectclass and attribute..<br>
<br>
Bug seems to be focused on using of *, rather than an explicit list of<br>
non-operational attrs which works, ie :<br>
<br>
I can search for attributes with * ( get all non-operational attributes )<b=
r>
and don&#39;t get any non-operational attributes, whereas explicitly adding=
 any<br>
non-operational attribute will result i a search returning the named values=
,<br>
which is allowable via the objectclass maps.<br>
<br>
seems to work the same (omitting non-oprational attrs), even if i dont<br>
specufy the objectclass rwm maps.<br>
</blockquote>
<br></div>
Not sure I understand. &nbsp;Can you post simple (both working and not work=
ing) examples?<div><br>
</div></blockquote></div><br>Last time i looked at this after release of 2.=
4.13 it was not working. Eg: given attribute maps:<br><pre># these dont wor=
k<br>rwm-map attribute cn *<br>rwm-map attribute sn *<br>rwm-map attribute =
givenName *<br>
rwm-map attribute mail *<br>rwm-map attribute c *<br>rwm-map attribute o *<=
br>rwm-map attribute ou *<br><br># these work<br>rwm-map attribute hasSubor=
dinates *<br>rwm-map attribute subschemaSubentry *<br>rwm-map attribute ent=
ryUUID *<br>
<br># this enabled<br>rwm-map attribute *<br></pre>I could see operational =
attributes, in response to having + in the attribute list when querying, an=
d would get all operational attributes without naming them specifically. Bu=
t i could not similarly use *, to return all non-operational attributes wit=
hout specifying them individually.<br>
<br>As most ldap browsers default to using *,+ in the attribute list, i cou=
ld only see operational attributes when using an ldap browser with it&#39;s=
 default settings.<br><br>However if i specifically put&nbsp; cn,sn,givenNa=
me,etc., in the attribute list instead of using the shortcut *,+ i could ge=
t non-operational attributes (cn,sn,givenName,etc.,) showing normally in qu=
eries.<br>
<br>The specific configs are not around anymore, but the snippit above from=
 the ITS covers the important rwm-map bits.<br><br>I will try to duplicate =
my previous results in detail, with debugging, to help diagnose this furthe=
r...<br>
<br>Cheers<br>Brett<br><br>

--001485f01b2867b84704613d5bd9--
Prev by Date: (ITS#5904) Docs: admin guide describes log levels inconsistently
Next by Date: Re: (ITS#5904) Docs: admin guide describes log levels inconsistently
Index(es):
- Chronological
- Thread