Victor Sudakov wrote:
Michael Str?der wrote:
"Be liberal in what you receive and conservative in what you send" is a good old rule.
If you change the subschema subentry you change something sent to the client.
I still don't understand what's so bad about being able to request the ordering of the 'cn' attribute.
Actually the client could request that.
I'd argue: Ask Microsoft to make it configurable.
Not that I very much like Microsoft or am trying to defend them, but they *have* made it configurable. You can set DisableVLVBrowsing=1 and Outlook becomes compatible with OpenLDAP. It turns off addressbook browsing, of course, but searching still works.
Since you insist on using a rather unusable feature you should probably dive into RFC 2891 and look at this:
SortKeyList ::= SEQUENCE OF SEQUENCE { attributeType AttributeDescription, orderingRule [0] MatchingRuleId OPTIONAL, reverseOrder [1] BOOLEAN DEFAULT FALSE }
The LDAP client can (optionally) define which ordering matching rule to use for a particular attribute type. So ask M$ to send 'orderingRule' in the SSS request control if they do not send it yet. I'm too lazy to check in the PCAP data you posted before.
Ciao, Michael.