[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: [SOLVED] Re: Inconsistent answer from LDAP Server

Yoann Gini wrote:

Just for information, I’ve found the mechanism in OpenLDAP allowing integrators to do stupid things: overlays.

Congratulations, moron.

Apple has created a customer overlay for their own services and has recently added hardcoded value for specific request with specific attributes.

Which is exactly what I told you before.



I didn’t know that overlay was able to have deep control like that over LDAP request.

I can’t thanks you for this end since no one has ever mentioned that OpenLDAP has official hooking API on LDAP request but here is the solution for my problem and now I know how to fix it by my own, without waiting for a fix from Apple, just patching slapd, changing a condition in odusers_search function.

Best regards,

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/