[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#4192) cn=config rootdn issues

hyc@symas.com wrote:
> quanah@symas.com wrote:
>> Here is the config.ldif file:
>> dn: cn=config
>> objectClass: olcGlobal
>> cn: config
>> structuralObjectClass: olcGlobal
>> entryUUID: 791133ac-ef7c-1029-80f9-9dd63ccdecf7
>> creatorsName: cn=replicator,cn=service,cn=applications,dc=stanford,dc=edu
>> createTimestamp: 20051122081940Z
>> entryCSN: 20051122081940Z#000000#00#000000
>> modifiersName: cn=replicator,cn=service,cn=applications,dc=stanford,dc=edu
>> modifyTimestamp: 20051122081940Z
> OK. It can't parse the creatorsName or modifiersName DNs. How annoying...
This is now fixed in HEAD.

Since we cannot allow arbitrary DNs to appear here, this pretty much 
eliminates any plans to ever allow regular users to have 
(ACL-controlled) access to cn=config.

  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc
  OpenLDAP Core Team            http://www.openldap.org/project/