[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#3819) Strange slapd.conf diagnostic after authz-regexp
Hallvard B Furuseth wrote:
> Aha. That solved a small mystery for me, once I looked at it
> in cn=config:
>
> The root DSE no longer uses ACLs from the first database.
> it Only uses the global ACLs and the 'database frontend' ACLs,
> because the supposedly global ACLs end up in frontendDB.
>
Yes. This was discussed recently
http://www.openldap.org/lists/openldap-devel/200504/msg00045.html
but I don't think any course of action was decided.
> Also, rootdn/rootpw was also applied from the first database, but
> those are now taken from frontendDB and I can't get rootdn/rootpw
> from frontendDB to work.
>
Well, rootpw makes no sense for the frontendDB. The question about
rootdn is still open.
> Howard Chu writes:
>
>> At the time it occurs, the current backend is the frontendDB. (...)
>> This probably should be straightened out, but at the moment it seems
>> harmless and we have other things to worry about.
>>
>>
>>> authz-regexp cn=x cn=y
>>> foobar
>>>
>>> gets this message from slaptest -d 64:
>>>
>>> unknown directive <foobar> inside backend database definition (ignored).
>>> (...)
>>>
>
>
--
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support