[Date Prev][Date Next]
Re: (ITS#4979) Bad response when requesting bad attributes
> ldapsearch -h localhost -p 10389 -D "uid=Admin,ou=system" -w secret -b
> "dc=example,dc=com" -s sub "(objectClass=*)" person
> will return all entries attributes, as if the 'person' was substituted
> by "*"
That is what RFC 4511 says. Section 188.8.131.52 (SearchRequest.attributes):
"If an attribute description in the list is not recognized, it is
ignored by the server."
Ignoring "person" yields an empty list, which works like a "*".
I'm guessing that's not what it was intended to say though. RFC 1777
(LDAPv2) did not have it, so 'person' would work like '1.1' does now.