[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Question about using OpenLDAP client libraries to write attribute with unknown syntax OID

On Tue, Feb 15, 2005 at 04:20:56PM -0800, Kurt D. Zeilenga wrote:
| At 02:16 PM 2/15/2005, Jonathan Abbey wrote:
| >I suppose what my question comes down to is, do the OpenLDAP client
| >libraries require knowledge of the specific syntax OID (such as above)
| >in order to properly generate the ASN.1/BER encoding of the attribute?
| No.  The OpenLDAP client libraries expect the caller to provide
| properly encoded values for transfer.
| >Or do the OpenLDAP client libraries not care about the syntax OID?
| The client does not care what the syntax OIDs are, and in fact, has
| no knowledge what they are.

Okay, that all makes sense, thank you.  I had seen some hits on Google
that appeared to suggest that.

Upon further investigation, it appears that what we're doing wrong is
failing to set certain LDAPControls required by AD in order to modify
the ntSecurityDescriptor attribute.  The Python-LDAP classes we're
using do not currently support LDAPControl, so we may wind up trying
to help out implementing LDAPControl support for Python.



| Kurt 

Jonathan Abbey 				              jonabbey@arlut.utexas.edu
Applied Research Laboratories                 The University of Texas at Austin
GPG Key: 71767586 at keyserver pgp.mit.edu, http://www.ganymeta.org/workkey.gpg

Version: GnuPG v1.2.1 (SunOS)