[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#6435) Hidden schema elements

rein@OpenLDAP.org wrote:
> Full_Name: Rein Tollevik
> Version: CVS HEAD
> OS: Irrelevant
> URL: 
> Submission from: (NULL) (2a01:600:0:1:21c:23ff:feab:61cd)
> Submitted by: rein
> Some of the operational attributes defined in the slapd source are hidden from
> the clients unless slapd is compiled with LDAP_DEVEL enabled.  Still, some of
> these elements are used in the database (as in the authz* and monitor related
> attributes).

Yes, see also:

IIRC also a bunch of attribute types used in back-config which makes
back-config almost unusable with a stock schema aware client.

The standard answer by Kurt and others is that as along as an experimental OID
with .666 is used a schema description should be hidden. I strongly disagree
with that though.

>  This causes my schema-aware application to complain when it sees
> (or worse tries to modify) these attributes.

(Sigh!) I also had to add several work-arounds to web2ldap regarding this.

> A patch that adds a new optional define that can be used to disable the schema
> hiding without enabling LDAP_DEVEL is coming. 

Looking forward to this being committed.

> A better fix would be to not hide those schema elements that is actually
> being used..


Ciao, Michael.