[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#6830) slapo-ppolicy.5 has incorrect schema fragments

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#6830) slapo-ppolicy.5 has incorrect schema fragments
From: andrew.findlay@skills-1st.co.uk
Date: Thu, 30 Jun 2011 09:14:16 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

On Thu, Jun 09, 2011 at 01:45:17AM -0700, Howard Chu wrote:

> I note that in ppolicy.c we have:
> 
>     {   "( 1.3.6.1.4.1.42.2.27.8.1.17 "
>         "NAME ( 'pwdAccountLockedTime' ) "
>         "DESC 'The time an user account was locked' "
>         "EQUALITY generalizedTimeMatch "
>         "ORDERING generalizedTimeOrderingMatch "
>         "SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 "
>         "SINGLE-VALUE "
> #if 0
>         /* Not until Relax control is released */
>         "NO-USER-MODIFICATION "
> #endif
>         "USAGE directoryOperation )",
> 
> We have in fact released support for the Relax control, so it's
> probably time to unifdef these bits and go back to the documented
> behavior.

That seems reasonable in the long term, though it will break many sites'
existing password management procedures. The change will have to be
mentioned in the updated manpage, noting the version at which it takes
effect.

Should I produce an updated version of the manpage patch?

Andrew
-- 
-----------------------------------------------------------------------
|                 From Andrew Findlay, Skills 1st Ltd                 |
| Consultant in large-scale systems, networks, and directory services |
|     http://www.skills-1st.co.uk/                +44 1628 782565     |
-----------------------------------------------------------------------

Prev by Date: (ITS#6980) Patch - Mozilla NSS - memleak - have to free the return from SSL_PeerCertificate
Next by Date: (ITS#6981) slapd crashes when using sssvlv and pcache overlays
Index(es):
- Chronological
- Thread