Support shim LDAP controls via driver-operation-data

Idea ID 2779469

Support shim LDAP controls via driver-operation-data

LDAP servers often add support for additional functionality via controls and extended operations.
These can be useful when integrating a connected system via an LDAP shim (LDAP, AD, MDAD, etc.)

Some controls are enabled by the shim by default or by detection of server functionality during auth.

However, there are additional controls that could be useful to be enabled.

As with the REST driver, it could be possible to support enable/disable of LDAP controls on a per command basis using driver-operation-data.

Several LDAP controls have been mentioned in previous enhancement requests, bugs and forum posts. This suggestion is about a more generic way to solve all these problems. Especially as OIDs for such controls vary from vendor to vendor.

Examples include permissive modify, subtree delete, proxy

Proposal is that only "stateless" controls are supported. i.e. controls that only impact the current operation/command.

Controls which require additional configuration that could not be represented in an equivalent LDIF or need to establish a persistent session with the server conflict shall not be supported.
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.