Re: Antw: [EXT] Re: memberof Overlay not showing in base search

On 9/10/20 9:13 AM, Ulrich Windl wrote:

Typically clients don't care about modifyTimeStamp (maybe even they are not allowed to read it),

If you run sssd as NSS/PAM demon then have a look in your logs: sssd uses modifyTimeStamp for searching recently modified entries.

And many other clients do this too.

Anyway LDAP clients should always explicitly request the attributes they really use to avoid unneeded data being transferred. Whether those are user or operational attributes does not matter.

Ciao, Michael.