Hi,
M$, as usual, is violating many LDAP RFCs. For instance, you can send a
simple BindRequest where the user name is *not* a DN.
I guess we will have to bend the API to accept such crapity...
wdyt ?
M$
--
Regards,
Cordialement,
Emmanuel Lécharny
www.nextury.com
I think so - I realize that our OpenDS SDK needs to cope with this as
well :-(
It makes me wonder what else could be violated? Should we permit non-DNs
for all operations? E.g. modifying the entry "joe.blo...@example.com"?
It seems a bit inconsistent to be lax in only one part of the protocol
I think so - I realize that our OpenDS SDK needs to cope with this as
well :-(
It makes me wonder what else could be violated? Should we permit non-DNs
for all operations? E.g. modifying the entry "joe.blo...@example.com"?
It seems a bit inconsistent to be lax in only one part of the protocol
On 2/23/10 10:06 PM, Matthew Swift wrote:
I think so - I realize that our OpenDS SDK needs to cope with this as
well :-(
It makes me wonder what else could be violated? Should we permit
non-DNs for all operations?
IMO, no.
E.g. modifying the entry "joe.blo...@example.com"? It seems a bit