Pierangelo Masarati wrote:
Howard Chu wrote:
I think you misunderstood my proposal. I'm not suggesting we muck with the returned DNs at all; the extra information will only appear in the response control.
So you mean adding a response control value made of something like
controlValue ::= SEQUENCE { extended extendedDN }
extendedDN ::= SEQUENCE { attrval attrVal }
attrVal ::= { attrspec attrSpec, value octetString }
where the sequence of attrSpec was specified in the control request. In the case at hand, the control request would contain GUID, SID and entryDN. Is this what you mean? Then, it would be the client's task to use the response to build a string in the format specified by 1.2.840.113556.1.4.529.
Yes, that's what I had in mind. The question is whether that's sufficient for Samba's purposes; the control that I've described is sufficiently general that it would be useful for a lot of other cases.