Re: (ITS#4025) Ppolicy overlay: objectIdentifierMatch rule doesn't understand descriptions

[stran@amnh.org]

On Wed, 2005-09-28 at 09:00 -0700, Howard Chu wrote:
> Samuel Tran wrote:
> > On Wed, 2005-09-28 at 08:25 -0700, Howard Chu wrote: 
> >   
> >> I think it may help to see your slapd.conf at this point.
> >
> > Howard,
> >
> > My apologies, I have several test servers and I forgot to add the
> > following lines to my slapd.conf on the test server I am working on:
> > overlay ppolicy
> > ppolicy_default "cn=StdPwd,ou=Policies,dc=amnh,dc=org"
> > ppolicy_use_lockout
> >
> > Now it is working as expected.
> >
> > Why is it required to specify the overlay in slapd.conf in order to use
> > the pwdPolicy objectClass?
> >
> >   
> You can use the objectClass in general, just by loading the schema file. 
> But the code patch that changes the behavior of the pwdAttribute 
> attributeType resides in the ppolicy overlay. If you don't use the 
> overlay, the patch does not take effect. It wasn't clear to me that it 
> was a good idea to change the objectIdentifier syntax behavior for all 
> of slapd, so the patch is specific to the pwdAttribute attributeType. It 
> may be a topic for discussion on -devel, whether a global change is more 
> appropriate.
> 

I saw the new functions you added in your patch.
IMHO the EQUALITY objectIdentifierMatch should be satisfied regardless
of whether the ppolicy is specified or not.

In core.schema there is that attribute 'supportedApplicationContext'
that uses the same equality constraint. I haven't used it. Does it mean
that it won't understand description?

Thanks a lot!

Sam