[python3-ldap] ldap search object
python3ldap
python3ldap at gmail.com
Tue Feb 4 16:09:33 CET 2014
python3ldap python3ldap at gmail.com
09:49 (6 ore fa)
a python3-ldap-r.
Hello Gary,
you're right, RFC3673 define the '+' (plus) as a attribute descriptor
for requesting all operational attributes from the DSA (the LDAP
server).
The problem is that the RFC doesn't enforce the server to really
return ALL opeartional attributes. Furthermore each server
implementation can decide which attributes are "operational" beside
the 'creatorsName', 'createTimestamp', 'modifiersName', and
'modifyTimestamp' the should be defined for all the entries in the
ldap database (DIT) as per rfc 4112 (3.4).
To check if an attribute is "operational" you can read the schema
returned by your DSA, if the attribute "usage" is not
"userApplications" it is intended to be an operational attribute, but
how this is managed by the DSA is a local (server) matter.
I suggest you to add only the attributes you need in the attribute
list of the search operation, and treat them as normal
(userApplication) attributes.
Bye,
Giovanni
Have fun,
gc
Have fun,
gc
More information about the python3-ldap
mailing list