Armando Martins wrote: > Hi, > > I'm trying to sync a active directory with a openldap and for update the > entries i use the objectsid binary attribute of the active directory as the > link attribute between the two directories. > > I'm having an issue with the binary data inserted in a octetstring attribute. > There is no problem to insert the data in the attribute. but when i request > the attribute there is no entries returned. Howerver, when i do the same > request in active directory it returns me the right answer. > > Here is my attribute specification in openldap : > > attributetype ( 1.3.6.1.4.1.31631.1.1.2.1.1 > NAME 'binarysid' > DESC 'binary object' > SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 > ) > > and here is the data inserted in this attribute : > > binarysid:: AQUAAAAAAAUVAAAA77+9OzJ577+9Ve+/vVEdA2pm77+977+9AAA= > > if i request my openldap with this filter : > > filter="(&(objectClass=inetOrgPerson)(binarysid=\01\05\00\00\00\00\00\05\15\00\00\00\CE;2y\C5U\C2Q\1D\03jf\ED\FB\00\00))" > > No answer is returned, but when i request the active directory with this filter : > > filter="(&(objectClass=user)(objectsid=\01\05\00\00\00\00\00\05\15\00\00\00\CE;2y\C5U\C2Q\1D\03jf\ED\FB\00\00))" > > He returns me the right answer... > > Do i have a problem with my attribute in openldap? > > if someone could help me, I will really appreciate. You did not add an EQUALITY matching rule to your attribute type description. Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature