On Apr 19, 2007, at 1:54 PM, Hallvard B Furuseth wrote:
Howard Chu writes:
It is your application's responsibility to convert between local time and GMT when interacting with the directory.
Remember that LDAP is a wide area system, accessible from anywhere in the world. Storing local time in the directory would be meaningless for clients that don't understand your timezone's rules, but all computer systems know how to handle GMT.
That's not right. Remember that the Generalized Time syntax (used by e.g. modifyTimestamp) requires a suffix with the timezone: Either 'Z' for GMT, or '+/-hh[mm]'. Clients don't need to know any particular timezone's rules to handle that, they only need to know how to convert between specified timezones.
So OpenLDAP could be patched with an option to create attributes like modifyTimestamp: 20070419225007+0200 instead of modifyTimestamp: 20070419205007Z though I don't know how much code assumes the 'Z' format is used.
RFC 4517 says: The "Z" form of <g-time-zone> SHOULD be used in preference to <g-differential>.
The primary reason for this is interoperability. Not all implementations can deal (well) with g-differential. It should be avoided (on the wire).
-- Kurt