[Date Prev][Date Next]
Case (in)sensitivity in "by set" ACL?
We have a number of ACLs, in production on OpenLDAP 2.2.26, which are of
by set="user/eduPersonAffiliation* & [Faculty]" read
where the case of the attribute value in a given entry matches the ACL
as shown, and the eduPersonAffiliation attribute is
In testing these ACLs on 2.3.21, I found that the ACLs never match,
because the bvals returned from the entry () are returned as downcased,
but the comparison apparently is done case sensitively.
I assume this behavior could be correct, although it seems illogical,
and has apparently changed. In any case, is this the defined or
The Linux Box
206 South Fifth Ave. Suite 150
Ann Arbor, MI 48104