Hello I would like to test if an attribute is set without disclosing it. Using an ACL that grants the search right does it: I can do ldapsearch -b dn attr=*' dn and see if I get a result. Problem: it is still possible to brute force the atribute value, by searching x* with x being the first lette,r, then xy* and so on. Is there a way to address this? -- Emmanuel Dreyfus manu@netbsd.org