Re: [ldapext] why posixAccount MUST contain 'cn'?

Hallvard Breien Furuseth <h.b.furuseth@usit.uio.no> Mon, 15 December 2014 00:17 UTC

Return-Path: <h.b.furuseth@usit.uio.no>
X-Original-To: ldapext@ietfa.amsl.com
Delivered-To: ldapext@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 388ED1A024E for <ldapext@ietfa.amsl.com>; Sun, 14 Dec 2014 16:17:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.61
X-Spam-Level:
X-Spam-Status: No, score=-1.61 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MIME_8BIT_HEADER=0.3, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xsck6wHdYZJf for <ldapext@ietfa.amsl.com>; Sun, 14 Dec 2014 16:17:37 -0800 (PST)
Received: from mail-out5.uio.no (mail-out5.uio.no [IPv6:2001:700:100:10::17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 99FAB1A0217 for <ldapext@ietf.org>; Sun, 14 Dec 2014 16:17:37 -0800 (PST)
Received: from mail-mx1.uio.no ([129.240.10.29]) by mail-out5.uio.no with esmtp (Exim 4.80.1) (envelope-from <h.b.furuseth@usit.uio.no>) id 1Y0JLz-0006u6-0t; Mon, 15 Dec 2014 01:17:35 +0100
Received: from c162dbf51.dhcp.as2116.net ([81.191.45.22] helo=mysil.uio.no) by mail-mx1.uio.no with esmtpsa (TLSv1.2:DHE-RSA-AES128-SHA:128) user hbf (Exim 4.80) (envelope-from <h.b.furuseth@usit.uio.no>) id 1Y0JLy-00070q-Iw; Mon, 15 Dec 2014 01:17:34 +0100
Message-ID: <548E2898.7020808@usit.uio.no>
Date: Mon, 15 Dec 2014 01:17:28 +0100
From: Hallvard Breien Furuseth <h.b.furuseth@usit.uio.no>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.3.0
MIME-Version: 1.0
To: Michael Ströder <michael@stroeder.com>
References: <548DB67C.5060009@stroeder.com>
In-Reply-To: <548DB67C.5060009@stroeder.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 8bit
X-UiO-Ratelimit-Test: rcpts/h 2 msgs/h 1 sum rcpts/h 4 sum msgs/h 2 total rcpts 1500 max rcpts/h 16 ratelimit 0
X-UiO-Spam-info: not spam, SpamAssassin (score=-5.0, required=5.0, autolearn=disabled, UIO_MAIL_IS_INTERNAL=-5, uiobl=NO, uiouri=NO)
X-UiO-Scanned: 7CC13249DB7F34650E3031031FA0A9B007F646EF
X-UiO-SPAM-Test: remote_host: 81.191.45.22 spam_score: -49 maxlevel 80 minaction 2 bait 0 mail/h: 1 total 69 max/h 5 blacklist 0 greylist 0 ratelimit 0
X-UiOonly: 0B4DA9FFBC4FB39794ED1BA2158214D1EC42D1FA
Archived-At: http://mailarchive.ietf.org/arch/msg/ldapext/k1I_wz2H8bLTBbEj5rfFpierYo8
Cc: ldapext@ietf.org
Subject: Re: [ldapext] why posixAccount MUST contain 'cn'?
X-BeenThere: ldapext@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: LDAP Extension Working Group <ldapext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ldapext>, <mailto:ldapext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ldapext/>
List-Post: <mailto:ldapext@ietf.org>
List-Help: <mailto:ldapext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ldapext>, <mailto:ldapext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Dec 2014 00:17:39 -0000

On 14/12/14 17:10, Michael Ströder wrote:
> (...)
> Also what's the distinction of 'cn' and 'gecos' in 'posixAccount'. It seems
> most NSS LDAP clients use attribute 'cn' as gecos field today.

cn is UTF-8.  The gecos attribute is IA5 String - i.e. ASCII.
One of many ways rfc2307 does not fit the real world too well.
memberUid is another IA5 too, both it and uid are case-insensitive
even though rfc2307 is for case-sensitive Unix, etc.