[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#7342) Password modify EXOP requires a DN

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#7342) Password modify EXOP requires a DN
From: hyc@symas.com
Date: Wed, 1 Aug 2012 21:26:39 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

eclements@apple.com wrote:
> Full_Name: Eric Clements
> Version: 2.4.26
> OS: MacOS
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (17.193.15.131)
> 
> 
> RFC 3062 Section 2.1 (authored by OpenLDAP) states that a password modify
> request may or may not be an LDAP DN, yet OpenLDAP backend requires a DN.

I'm not sure I understand why you've filed this ITS. The RFC doesn't specify
that a server MUST support non-DN valued identities. It in fact says in Section 3:

   If the server does not recognize provided fields or does not support
   the combination of fields provided, it SHALL NOT change the user
   password.

Clearly it is allowed for a server to reject identities if it doesn't
recognize them.

-- 
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

Prev by Date: (ITS#7343) dynlist overlay does not include attributes of an entry containing objectClass of the dynlist attrset
Next by Date: (ITS#7344) [PATCH] Add initial testsuit for slapo-constraint
Index(es):
- Chronological
- Thread