[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#4979) Bad response when requesting bad attributes



elecharny@apache.org writes:
> ldapsearch -h localhost -p 10389 -D "uid=Admin,ou=system" -w secret -b
> "dc=example,dc=com" -s sub "(objectClass=*)" person
>
> will return all entries attributes, as if the 'person' was substituted
> by "*"

That is what RFC 4511 says.  Section 4.5.1.8 (SearchRequest.attributes):
  "If an attribute description in the list is not recognized, it is
  ignored by the server."
Ignoring "person" yields an empty list, which works like a "*".

I'm guessing that's not what it was intended to say though.  RFC 1777
(LDAPv2) did not have it, so 'person' would work like '1.1' does now.

-- 
Regards,
Hallvard