[Pkg-openldap-devel] Bug#583319: Bug#583319: slapd: built-in schema for uidNumber/gidNumber does not have ordering directive
Brian Kroth
bpkroth at gmail.com
Fri Jul 30 15:00:04 UTC 2010
Arthur de Jong <adejong at debian.org> 2010-07-29 22:53:
> On Tue, 2010-07-27 at 18:17 -0700, Quanah Gibson-Mount wrote:
> > In any case, adding an ORDERING rule for them breaks the RFC's, and
> > OpenLDAP does its best to remain RFC compliant in core features. I would
> > suggest filing a new RFC that updates the rules for these attributes.
>
> You may be interested in this:
> http://tools.ietf.org/html/draft-howard-rfc2307bis-02
>
> Though it has not seen much activity lately and the status is somewhat
> unclear.
>
> --
> -- arthur - adejong at debian.org - http://people.debian.org/~adejong --
Goodie, I was wondering how I would go about starting an RFC. Seemed a
bit intimidating for such a simple thing as allowing an ordering
constraint :)
In the meantime I've hacked up a solution for us that adds locally
defined attributes that do include the ORDERING constraint to all local
account and groups objects which are generated from a database. Now
people can put filters like this in their libnss-ldap.conf:
nss_base_group ou=Group,o=Local?one?localGID>=1000
Thanks,
Brian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/attachments/20100730/83f2bdaa/attachment.pgp>
More information about the Pkg-openldap-devel
mailing list