[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Proxy to Active Directory: lost field
On Wed, 25 Mar 2009 18:57:21 +0100
Michael StrÃder <michael@stroeder.com> wrote:
> Pierangelo Masarati wrote:
> > Bogdan B. Rudas wrote:
> >
> >> I made custom schema with - I get values with Apache Directory
> >> Studio
> >>
> >> attributetype ( 1.2.840.113556.1.4.221 NAME 'sAMAccountName' SYNTAX
> >> '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
> >>
> >> Now I can see this field in LDAP browser, but still can't do
> >> searches using this filed.
> >
> > That's because the above attributetype does not have an EQUALITY
> > rule. You need to guess one, since AD appears to produce
> > inconsistent schema description. Depending whether it is supposed
> > to be case-sensitive or not, caseExactMatch or caseIgnoreMatch
> > should do the trick.
>
> caseIgnoreMatch is appropriate for 'sAMAccountName' I think.
>
> Ciao, Michael.
Thank you!
This solved my problem:
attributetype ( 1.2.840.113556.1.4.221 NAME 'sAMAccountName' EQUALITY
caseExactMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )