Michael Ströder wrote:
our web application is designed to understand LDAP schema and provider proper user interface for each syntax. Our web application can understand syntax 1.3.6.1.4.1.1466.115.121.1.11 which is "Country String", two printable string characters as listed in ISO 3166. For this syntax the web application pops up a nice country selector. However when user enter 'c' (for country, defined in core.schema as *Directory String*) the web application treat it as all other Directory String, which is an input box. The users, being confused, typed their country name manually (like "American" or "U.S.A."), breaking compatibility because 'c' should be two printable string characters as listed in ISO 3166.
I'd file an ITS for that.
This has already been discussed in the past. Right now, OpenLDAP code cannot accept the definition of "c" ("country") as in RFC4519 because OpenLDAP erroneously requires attributes derived from a superior to have exactly the same syntax of the superior. In the case of RFC4519:2.2.
( 2.5.4.6 NAME 'c' SUP name SYNTAX 1.3.6.1.4.1.1466.115.121.1.11 SINGLE-VALUE )
(note that 'country' is no longer listed), the syntax 1.3.6.1.4.1.1466.115.121.1.11 (Country String, RFC 4517:3.3.4.) is a subset of the syntax of name (Directory String, RFC4519:2.18.), so the inheritance with further syntax restriction should be accepted.
An ITS seems appropriate.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it ---------------------------------------