Re: LDAPv2 -> LDAPv3 in slapd and client API

["Kurt D. Zeilenga" <Kurt@OpenLDAP.org>]

At 02:30 AM 2002-01-09, Stephan Siano wrote:
>Hi,
>
>in the devel version the slapd refuses LDAPv2 binds (if not configured 
>differently in slapd.conf).

Yes.  For two reasons:
        a) slapd doesn't really implement LDAPv2 as specified
           (nobody really does)
        b) applications developers using HEAD who don't set the
           API version will realize they aren't using LDAPv3 and
           hopefully update their code to use LDAPv3.

>At the same time the default value for the 
>protocol version is set to LDAP_VERSION2 in ldap_init (actually in 
>ldap_int_initialize_global_options). Is there a reason for this behaviour? 
>Shouldn't the default better be set to LDAP_VERSION3? 

The IETF draft specification says:
  For compatibility with existing applications, implementations of
  this API will by default use version 2 of the LDAP protocol. 

Personally, I think the I-D should be changed.  But until the
I-D does change, I think we should follow the I-D as best we can.

>I know that I can set the protocol version from my application program, but I 
>would guess that might lead to problems with third party applications which 
>just use the OpenLDAP-API and don't care about protocol versions.

Applications which don't care about protocol versions are broken,
LDAPv2 and LDAPv3 are dramatically different protocols. See
<http://www.watersprings.org/pub/id/draft-zeilenga-ldapbis-vd-02.txt>
for just some of the differences.