Pierangelo Masarati wrote:
On Thu, 2006-01-19 at 17:08 -0500, Joshua Myles wrote:
Apparently, the proxy doesn't know about "foobarUniqueIdentifier" and
thus DN normalization fails. You should extend the proxy schema with
those items it's intended to proxy. Note that OpenLDAP 2.3 contains
some provisions to automatically extend the schema of proxied data;
apparently, you're not doing things in the "right" sequence (for
example, if a previous operation returned "foobarUniqueIdentifier", it
would have made it into the "proxied" attrs set, and it would have been
"blindly" accepted in DN normalization; however this is sort of a
workaround. The best solution is to extend the schema of the proxy.
[advertisement: SysNet developed custom tools to do this automatically
from flat file or from remote server, one-shot or periodically; they
also fix known flaws and issues in third party and older OpenLDAP DSA
schemas].
I suppose we could make back-ldap read the remote servers
subschemasubentry at startup time, or something, and import any schema
definitions that didn't clash with local ones.
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/