[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ITS#6439

=46rom Solaris 10's 'ldapclient' manpage:

     defaultSearchScope=3Done | sub

         Specify the default search scope for the client's search
         operations.  This  default can be overridden for a given
         service by  specifying  a  serviceSearchDescriptor.  The
         default is one level search.

The parameter 'defaultSearchScope' only allows ONE or SUB.

The 'serviceSearchDescriptor' is not an option, since this is designed =
to work with NSS objects like 'passwd', 'shadow', 'hosts', etc.  rootDSE =
is not a service in that sense, so it won't work here.

For compatibility reasons, It may well be in OpenLDAP's best interest to =
provide options such as the ones I described previously, for "broken" or =
"substandard" clients such as the ones I am using.

I will point out that Solaris 11 doesn't exhibit these issues ---- But =
my company wants to use Solaris 10, which leaves me in the middle of a =
finger pointing party between OPENLDAP and SUN.  So you can understand =
why I might be asking for something as strange as this ....

SUN says OpenLDAP's standard/methods are questionable & strange.  =
OpenLDAP says Sun's client is broken and that we should hack it.   I say =
screw Solaris 10.

Thank you for your assistance. You can probably close this ticket.


On Jan 5, 2010, at 10:05 , masarati@aero.polimi.it wrote:

> The behavior you describe violates RFC 4512 (section 5.1), while =
> complies with it.  Please note that the root DSE is accessed using a
> plain, perfectly legal LDAP operation.  The fact a client cannot be
> configured to perform such a simple operation clearly indicates the =
> is broken.  A quick answer would be "get the client fixed".
> <advertisement>
> I can imagine simple workarounds, consisting in few lines of code that
> allow to circumvent the issue.  They probably require to hire some =
> consultant.
> </advertisement>
> p.