Pierangelo Masarati wrote:
Samba4's clients are written expecting AD's behaviour, and while I might hope that they would explicitly request the attributes they need, if I can make such mistakes in my test scripts, so can they...
The addition of this feature is (almost) trivial. So the decision should be based on:
- should this "feature" be exposed to all users, or
- should it be exposed only to users using samba4 as proxy?
I'll code it anyway (not now, perhaps later today) and let you decide after experimenting.
Prototype:
http://www.sys-net.it/~ando/Download/opattrs_expose.c
Should be improved to make "memberOf" configurable, and handle a list of operational attrs to expose (I bet there's more than just "memberOf").
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it ---------------------------------------