[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#6250) Password modify ext.op. - automagically add simpleSecurityObject
- To: openldap-its@OpenLDAP.org
- Subject: Re: (ITS#6250) Password modify ext.op. - automagically add simpleSecurityObject
- From: hyc@symas.com
- Date: Tue, 11 Aug 2009 19:39:43 GMT
- Auto-submitted: auto-generated (OpenLDAP-ITS)
michael@stroeder.com wrote:
> Full_Name: Michael Ströder
> Version: HEAD
> OS: openSUSE Linux 11.1
> URL:
> Submission from: (NULL) (84.163.50.194)
>
>
> If one trys to set the userPassword with a Password Modify ext. op. request but
> the object classes of the entry does not allow userPassword slapd could add
> automagically AUXILIARY object class simpleSecurityObject to the entry.
>
> (I'm doing this in web2ldap since years when changing the userPassword with a
> normal modify operation which client-side hashing.)
This request sounds like a mistake to me. The DSA is supposed to enforce the
data model, not automagically enable you to bypass the model. What clients do
is a completely separate matter...
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/