8 Jun
2009
8 Jun
'09
2:06 p.m.
Hey guys,
From my understanding pwdAccountLockedTime is an operational attribute and by ldap v3 definition it must be 'requested' to obtain the value. However, when I include this attribute as part of a search filter against one of my master servers I get results back but when I run it against my proxy (back_ldap) ldap server, I get nothing. Only when I request the attribute do I get something off the proxy. If operational attributes should not be seen unless requesting them then how come on my master servers it returns fine but not on the proxy? Is there a way to make the proxy behave the same as the master's in this regard? Or do I possible have some ACL issues?
Thanks, Tyler