Ondrej Kuznik wrote:
[dd]
>>>> inherit from name). We do not have this limitation >>>> on AD (but it breaks LDAP standard).
Mark,
Could you be more specific which LDAP standard it breaks? Is there an explicit prohibition for the 'name' attribute to have ordering rules? In the RFCs somewhere?
Yes, but why do you think it is a restrictive definition and no more optional properties can be *added* (without removing the mandatory ones, of course)?
My best guess is that because this thinking leads to the very problems ("Embrace, Extend, Extinguish") that have plagued some notable implementations of certain standards. They have been harmful to interoperability for quite some time already.
What you say may be valid and reasonable. However I wanted to know if there is an explicit prohibition to add an additional functionality such as sorting to some object types.
There seems to be none.
"Be liberal in what you receive and conservative in what you send" is a good old rule. I don't see why answering this particular search request without generating an error should cause any problems. Maybe this is because I know little of LDAP, then enlighten me please about the technical details and what exactly would break.