Hi Michael,
Yes i've also think to that. And i've try to put the octetStringMatch equality matching rule in my attribute definition. But unfortunately, the result is the same...
Thanks
2015-09-02 21:54 GMT+02:00 Michael Ströder michael@stroeder.com:
Armando Martins wrote:
Hi,
I'm trying to sync a active directory with a openldap and for update the entries i use the objectsid binary attribute of the active directory as
the
link attribute between the two directories.
I'm having an issue with the binary data inserted in a octetstring
attribute.
There is no problem to insert the data in the attribute. but when i
request
the attribute there is no entries returned. Howerver, when i do the same request in active directory it returns me the right answer.
Here is my attribute specification in openldap :
attributetype ( 1.3.6.1.4.1.31631.1.1.2.1.1 NAME 'binarysid' DESC 'binary object' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
and here is the data inserted in this attribute :
binarysid:: AQUAAAAAAAUVAAAA77+9OzJ577+9Ve+/vVEdA2pm77+977+9AAA=
if i request my openldap with this filter :
filter="(&(objectClass=inetOrgPerson)(binarysid=\01\05\00\00\00\00\00\05\15\00\00\00\CE;2y\C5U\C2Q\1D\03jf\ED\FB\00\00))"
No answer is returned, but when i request the active directory with this
filter :
filter="(&(objectClass=user)(objectsid=\01\05\00\00\00\00\00\05\15\00\00\00\CE;2y\C5U\C2Q\1D\03jf\ED\FB\00\00))"
He returns me the right answer...
Do i have a problem with my attribute in openldap?
if someone could help me, I will really appreciate.
You did not add an EQUALITY matching rule to your attribute type description.
Ciao, Michael.