[Date Prev][Date Next] [Chronological] [Thread] [Top]

Migrating from iPlanet, "binary" issues



I am exploring migrating from iPlanet 4.x to OpenLDAP. The first item is
a simple compatability check, and I have run into a (seemingly)
undocumented snag.

When porting our schema from iPlanet to OpenLDAP everything worked OK.
However, when adding values into the directory I ran into an issue with
the "binary" syntax (1.3.6.1.4.1.1466.115.121.1.5) and the ";binary"
transfer option. One of our schema elements is a "binary" syntax that is
sent with the ";binary" option. Apparently this does not work with
OpenLDAP 2.x? (Many items in iPlanet default schema are "binary" syntax,
which are not so in OpenLDAP, like userCertificate)

To remedy this issue I tried to follow the suggestion in the admin guide
(section 8.2.4.2) and hacked my current schema to make it an Octet String
(1.3.6.1.4.1.1466.115.121.1.40) thinking this would allow me to use the
";binary" option - no luck here either.

The specific error I get is:
option "binary" with type not supported; Undefined attribute type

I have seen some discussion about a year ago on this topic on the dev
list, but I fail to see anything in the guides stating what is
implemented. Can anyone answer the following questions for me:
1) What are the rules for ";binary" and syntaxes?
2) what syntaxes OpenLDAP cares about
3) how it treats objects sent to it with the ";binary" option versus ones
not (for example, the schema says I have to use ";binary" for
userCertificate to set it - why? what do I get if I don't retreive that
way? What if I send base64?)

Thanks!
-lon