[Date Prev][Date Next]
Re: Openldap 2.x but still no roaming profiles
At 11:32 PM 9/16/00 +0200, Hugo.van.der.Kooij@caiw.nl wrote:
>On Sat, 16 Sep 2000 Hugo.van.der.Kooij@caiw.nl wrote:
>> I've done testing with two netscape clients (1 on win 98 and 1 on linux).
>> The win98 normally uses another ldap server (openldap 1.2.11) and can
>> store it's info there but up 'till now I'm unsuccesfull in ding the same
>> job with OpenLDAP 2.0
>I've done some more testing with ethereal 0.8.12 as referee. It seems
>there still exists some issue with the ;binary stuff in v2.0.3 present.
>The trace shows:
> Error Message: attribute requires ;binary transfer
This message indicates the client provided an attribute without
using ;binary when the server required it. The OpenLDAP 2.0
server requires ;binary transfer of a number of syntaxes. Besides
certificates and such, 2.0.3 requires ;binary transfer of the binary
syntax. Due to a bug in prior releases, binary syntax did not
require ;binary transfer (though this was our intent as indicated
in our subschema). ;binary transfer of the binary syntax is
needed for inetOrgPerson compatibility. This will, however,
break applications not expecting this ;binary transfer of the
I raised the question to IETF LDAPbis BOF mailing list
<http://www.openldap.org/ietf-ldapbis/> for discussion. This
appears to be compatibility issue which needs to be addressed
in the LDAPv3 specifications.
As far as Netscape Roaming interoperability goes, I suggest you
redefine (with new OIDs) each attribute type of binary syntax
to be octetString syntax. This is likely what Netscape meant
all along. As I noted previously, arbitrarily mapping old
'bin' to binary does make sense.