Am Mo., 30. März 2020 um 18:40 Uhr schrieb Howard Chu <[email protected]>: > > Kevin Olbrich wrote: > > Hi! > > > > Thanks for your reply. I don't know what you are referring to on the > > man page but as far as I know, this indicates, that OpenLDAP doesn't > > know about the attribute. > > Exactly. > > > I know that but I don't care, as OpenLDAP is just a read-only proxy, > > it does not need to know anything about the schema as it does not need > > to validate it. > > If you want the attribute to stop being passed in upper case, fix your > schema. Period, end of story. >
That means I need to define everything again? Both in AD and Slapd? Either I missed something or this is very laborious. And there is realy no setting to disable this behaviour? The setup where I need this is a simple DMZ (tls enforcing) proxy. > > > > Is this what you mean? Otherwise I might need a hint :-( > > > > Kind regards > > Kevin > > > > Am Sa., 28. März 2020 um 18:06 Uhr schrieb Howard Chu <[email protected]>: > >> > >> Kevin Olbrich wrote: > >>> Hi! > >>> > >>> How can I disable the behavior of CAPITAL letters when OpenLDAP proxies > >>> an AD? > >>> I know they should be case insensitive but I had to debug Rocketchat > >>> for two hours to find, they use sAMAccountName (case sensitive) and > >>> the app crashed because mine was named SAMACCOUNTNAME. > >>> (I will open a bug there but I bet there is a lot of broken SW). > >> > >> Read the slapd-ldap(5) manpage. These attributes are shown in all capital > >> letters > >> to make you aware that you have a broken configuration. Fix it and they > >> will return > >> to normal. > > -- > -- Howard Chu > CTO, Symas Corp. http://www.symas.com > Director, Highland Sun http://highlandsun.com/hyc/ > Chief Architect, OpenLDAP http://www.openldap.org/project/
