Hi Michael, Yes i've also think to that. And i've try to put the octetStringMatch equality matching rule in my attribute definition. But unfortunately, the result is the same...
Thanks 2015-09-02 21:54 GMT+02:00 Michael Ströder <[email protected]>: > Armando Martins wrote: > > Hi, > > > > I'm trying to sync a active directory with a openldap and for update the > > entries i use the objectsid binary attribute of the active directory as > the > > link attribute between the two directories. > > > > I'm having an issue with the binary data inserted in a octetstring > attribute. > > There is no problem to insert the data in the attribute. but when i > request > > the attribute there is no entries returned. Howerver, when i do the same > > request in active directory it returns me the right answer. > > > > Here is my attribute specification in openldap : > > > > attributetype ( 1.3.6.1.4.1.31631.1.1.2.1.1 > > NAME 'binarysid' > > DESC 'binary object' > > SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 > > ) > > > > and here is the data inserted in this attribute : > > > > binarysid:: AQUAAAAAAAUVAAAA77+9OzJ577+9Ve+/vVEdA2pm77+977+9AAA= > > > > if i request my openldap with this filter : > > > > > filter="(&(objectClass=inetOrgPerson)(binarysid=\01\05\00\00\00\00\00\05\15\00\00\00\CE;2y\C5U\C2Q\1D\03jf\ED\FB\00\00))" > > > > No answer is returned, but when i request the active directory with this > filter : > > > > > filter="(&(objectClass=user)(objectsid=\01\05\00\00\00\00\00\05\15\00\00\00\CE;2y\C5U\C2Q\1D\03jf\ED\FB\00\00))" > > > > He returns me the right answer... > > > > Do i have a problem with my attribute in openldap? > > > > if someone could help me, I will really appreciate. > > You did not add an EQUALITY matching rule to your attribute type > description. > > Ciao, Michael. > > -- Armando Martins
