Den 24.08.2010 16:35, skrev masarati@aero.polimi.it:
Define those objectclasses in slapd's schema, that's the wisest thing to do. I'd note that in recent releases the filter is passed thru as is even when unknown. Unfortunately, you don't state what version you're using.
Sorry about that. I'm using the current in Debian - 2.4.11.
And for the schemas, see what I wrote in my previous post on the mailing list - I basically have no way of getting hold of the schema declarations.
As soon as the AD you're proxying knows about them, you can extract the schema from it. See the documentation of AD, I don't remember how it stores the schema (I'm afraid it does not work as illustrated in RFC4512, 4.4). Otherwise, if they're not known to AD as well, you won't get anything useful out of it, so the point is moot. In any case, your definition of those classes needs not be accurate, as soon as you only intend to proxy them. They basically need to be known.
p.