First of all, during configuration, sss should be enabled:
./configure --enable-hdb=yes --enable-sssvlv --enable-ppolicy --with-cyrus-sasl --with-tls=openssl
Then in slapd.conf, overlay has to be enabled:
overlay sssvlvThis line has to be added either in the global part or inside a backend directive.
Then, a ldapsearch can test the feature:
/usr/local/bin/ldapsearch -h localhost -x -E 'sss=cn' 'sn=m*' cnif there is an attribute with a ordering rule.
If not, an error arises:
# extended LDIF # # LDAPv3 # base
with scope subtree # filter: sn=m* # requesting: cn # with server side sorting control # # search result search: 2 result: 18 Inappropriate matching text: serverSort control: No ordering rule # numResponses: 1
You can add ordering rules to schemas: for instance to add ordering rules to sn, modify sn entry in core.schema as follows:
attributetype ( 126.96.36.199 NAME ( 'sn' 'surname' ) DESC 'RFC2256: last (family) name(s) for which the entity is known by' ORDERING caseIgnoreOrderingMatch SUP name )
This time ldapsearch returns:
# search result search: 2 result: 0 Success control: 1.2.840.1135188.8.131.524 false MIQAAAADCgEA sortResult: (0) Success # numResponses: 4602 # numEntries: 4601