[Date Prev][Date Next]
> On Wed, 2006-05-17 at 20:03 +0000, firstname.lastname@example.org wrote:
>> I think there should be a way for regular users to add the tlds, as we
>> do not want the rootdn/rootpw to be used, because these entries live in
>> the configuration file.
> Strictly speaking, the suffix entry must be created only once in the
> life of a database, when it is created.
> If you're creating it from scratch, you could add the suffix entry
> before starting slapd, using slapadd.
> The only case I can foresee where you need to add the suffix entry of a
> database when slapd is already running is for databases added via back-
> config. In that case, you can use back-config to temporarily configure
> the rootdn and then remove it when the suffix entry is done.
> Besides this, I concur that the creation of the suffix entry by a
> regular user could be allowed, subjected to appropriate restrictions by
> means of ACLs, and possibly to some special control (like the
This doesn't seem like a case that requires special controls. He's not
creating the suffix entry, the suffix is "" and he's creating regular
children of that virtual suffix.
Please test the patch in back-bdb/add.c 1.153 -> 1.154.
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/