Quanah Gibson-Mount wrote:
--On Tuesday, April 22, 2008 5:43 AM +0200 Emmanuel Dreyfus
> I had a bad
> experience with users uploading huge pictures, causing LDAP queries in
> some applications to timeout before getting a result,
Don't let them do that.
Well, there's already the standard attribute 'jpegPhoto' in
'inetOrgPerson'. So one might want to have a picture in there of just a
Have them store a URL to a jpeg stored
The caveat is that an application has to use another protocol to grab
this BLOB. And access control has to be made consistent by other means
when using different data sources => more integration effort.
I always considered the lack of server-side limits on the number/length
of attribute values and the LDAP PDU size a serious threat.