[Date Prev][Date Next] [Chronological] [Thread] [Top]

Acl options

To: openldap-software@OpenLDAP.org
Subject: Acl options
From: Craig Hancock <chancock@bsd.uchicago.edu>
Date: Wed, 20 Feb 2002 01:34:24 -0600
Cc: Craig Hancock <chancock@delphi.bsd.uchicago.edu>
Content-disposition: inline
User-agent: Mutt/1.2.5.1i

I have been experimenting with acl's and I am curious 
what is the differens between 
addr and peername
attr and attrs

Also I found a reference to an acl option called set but I can't find
and documentation on it.

Also I seen in the mailing list archive when setting up ssf 
people use 112 bit for authetication and 128 across the wire
and I don't understand why.

In regards to performance peole say that having few acl's as possble will
guarntee macium performance. I have about 11 acl's for certain objects
and I have about 2200 objects in my ldap databse. I haven't expierenced anytype
of performance degredation. 

I am thinking about implelemting the acl domain for certain attributes
and I was wondering would it make sense from a design standpoint to use
domain or libwrap.

When dealing with indexes I am having trouble deciding how indexes should be
treated meaning should they be a equality string or a presence string. I notice
that in the *.schema files there are rules for how all objects are interpreted.
Should I just setup a default index with

index "attr" pres,eq
or look at each attr I want to index and check what how strings are governed 
in the file.

Next what is socket_url I can't seem to find much refernece to it.

When compiling openldap on a unix machine I am trying to decide which options 
to use and I can find any documentation on these options.

--enable-proctitle
--enable-cache
--enable-refferrals
--enable-local
--enable-fetch

Lastly I was wondering if anyone on the list what using ldap to serve 
any kinds of DNS records and I was wondering how that working out for you.

Craig Hancock

Prev by Date: ldap unavailable
Next by Date: LDAP & PAM & Solaris 7
Index(es):
- Chronological
- Thread