[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Problem with binary data inserted in octetstring attribute.



Hi Michael, 

Yes i've also think to that. And i've try to put the octetStringMatch equality matching rule in my attribute definition. But unfortunately, the result is the same...

Thanks

2015-09-02 21:54 GMT+02:00 Michael Ströder <michael@stroeder.com>:
Armando Martins wrote:
> Hi,
>
> I'm trying to sync a active directory with a openldap and for update the
> entries i use the objectsid binary attribute of the active directory as the
> link attribute between the two directories.
>
> I'm having an issue with the binary data inserted in a octetstring attribute.
> There is no problem to insert the data in the attribute. but when i request
> the attribute there is no entries returned. Howerver, when i do the same
> request in active directory it returns me the right answer.
>
> Here is my attribute specification in openldap :
>
> attributetype ( 1.3.6.1.4.1.31631.1.1.2.1.1
>         NAME 'binarysid'
>         DESC 'binary object'
>         SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
>  )
>
> and here is the data inserted in this attribute :
>
> binarysid:: AQUAAAAAAAUVAAAA77+9OzJ577+9Ve+/vVEdA2pm77+977+9AAA=
>
> if i request my openldap with this filter :
>
> filter="(&(objectClass=inetOrgPerson)(binarysid=\01\05\00\00\00\00\00\05\15\00\00\00\CE;2y\C5U\C2Q\1D\03jf\ED\FB\00\00))"
>
> No answer is returned, but when i request the active directory with this filter :
>
> filter="(&(objectClass=user)(objectsid=\01\05\00\00\00\00\00\05\15\00\00\00\CE;2y\C5U\C2Q\1D\03jf\ED\FB\00\00))"
>
> He returns me the right answer...
>
> Do i have a problem with my attribute in openldap?
>
> if someone could help me, I will really appreciate.

You did not add an EQUALITY matching rule to your attribute type description.

Ciao, Michael.




--
Armando Martins