Alexandre Rosenberg wrote:

Micheal, you are *right* about the man page saying _hostname_. Indeed OpenLDAP only accepting hostname as per best practice/RFC might be the most correct behavior.

There is no relevant RFC or best practice, only the man-page. And the -h and -p arguments come from the old UMich LDAP times.

However we can not change this behavior without breakable. consider:

AFAICS backward compability has only be provided to those ancient Umich or Netscape Directory tools. So IMO LDAP URI does not have to be accepted.

• Underscore are not that uncommon with Active Directory
• What about internationalized DNS name
• ... (probably more)

If you want to fix something for 2.4.x to match what the man-page says you could effectively reject LDAP URI by simply rejecting colons and slashes. Those chars are never in even seriously broken hostnames. If they were they would cause more interop issues anyway.

Therefore I believe such change could only be done in a major release. And at that point we might just remove the depreciated '-h' option altogether.

Agreed. 2.5 release chould IMO simply remove options -h and -p.

Ciao, Michael.