[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: commit: ldap/servers/slapd/overlays accesslog.c

To: Howard Chu <hyc@symas.com>
Subject: Re: commit: ldap/servers/slapd/overlays accesslog.c
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Sat, 23 Dec 2006 20:55:07 -0800
Cc: OpenLDAP Commit <openldap-commit2devel@OpenLDAP.org>
In-reply-to: <458DD129.8080608@symas.com>
References: <200612232110.kBNLAYBX020220@cantor.openldap.org> <7.0.1.0.0.20061223141948.0314b668@OpenLDAP.org> <458DD129.8080608@symas.com>

At 05:00 PM 12/23/2006, Howard Chu wrote:
>Kurt D. Zeilenga wrote:
>>It might be more appropriate to handle this issue on the
>>consumer than the provider.  An arbitrary LDAP sync client
>>might want this and other DSA specific attributes included
>>in the content.  That is, the provider should not assume
>>the consumer is doing server-to-server replication.
>
>True. The problem was that the auditContext attribute wasn't defined on the consumer. There's no obvious way to configure a consumer to exclude unknown attributes,

Personally, I think this kind of problem is better solved by
configuration then by code.  Configuration wise, this can be
addressed on either consumer side via a narrower attrs list,
or on the provider side with an ACL.

Kurt

Follow-Ups:
- Re: commit: ldap/servers/slapd/overlays accesslog.c
  - From: Howard Chu <hyc@symas.com>

References:
- Re: commit: ldap/servers/slapd/overlays accesslog.c
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Re: commit: ldap/servers/slapd/overlays accesslog.c
  - From: Howard Chu <hyc@symas.com>

Prev by Date: Re: commit: ldap/servers/slapd/overlays accesslog.c
Next by Date: Re: commit: ldap/servers/slapd/overlays accesslog.c
Index(es):
- Chronological
- Thread