Re: (ITS#4979) Bad response when requesting bad attributes

elecharny@apache.org writes:

ldapsearch -h localhost -p 10389 -D "uid=Admin,ou=system" -w secret -b "dc=example,dc=com" -s sub "(objectClass=*)" person

will return all entries attributes, as if the 'person' was substituted by "*"

That is what RFC 4511 says. Section 4.5.1.8 (SearchRequest.attributes): "If an attribute description in the list is not recognized, it is ignored by the server." Ignoring "person" yields an empty list, which works like a "*".

I'm guessing that's not what it was intended to say though. RFC 1777 (LDAPv2) did not have it, so 'person' would work like '1.1' does now.