[Date Prev][Date Next] [Chronological] [Thread] [Top]

OID for Relax Rules Control (was: (ITS#6830) slapo-ppolicy.5 has incorrect schema fragments)



andrew.findlay@skills-1st.co.uk wrote:
> On Thu, Jun 09, 2011 at 01:45:17AM -0700, Howard Chu wrote:
> 
>> I note that in ppolicy.c we have:
>>
>>     {   "( 1.3.6.1.4.1.42.2.27.8.1.17 "
>>         "NAME ( 'pwdAccountLockedTime' ) "
>>         "DESC 'The time an user account was locked' "
>>         "EQUALITY generalizedTimeMatch "
>>         "ORDERING generalizedTimeOrderingMatch "
>>         "SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 "
>>         "SINGLE-VALUE "
>> #if 0
>>         /* Not until Relax control is released */
>>         "NO-USER-MODIFICATION "
>> #endif
>>         "USAGE directoryOperation )",
>>
>> We have in fact released support for the Relax control, so it's
>> probably time to unifdef these bits and go back to the documented
>> behavior.

What does "released support" really mean?

$ grep -i relax openldap-2.4.26/include/ldap.h
#define LDAP_CONTROL_RELAX				"1.3.6.1.4.1.4203.666.5.12"
#define LDAP_CONTROL_MANAGEDIT			LDAP_CONTROL_RELAX

"No released software should use an OID under this arc."
See http://www.openldap.org/faq/data/cache/200.html

I'd really love to see an officially assigned OID (especially given the fact
that web2ldap supports it).

Ciao, Michael.