ando(a)OpenLDAP.org wrote: Note that one does not need to use the same access privileges for testing the filter and testing data return: in fact, when issuing an internal search, when required one could set o_acl_priv to the privilege desired for filter testing; then, in sc_response(), one could change it to the privilege desired for data return testing, and return it back in sc_cleanup(), and so back and forth. p.