[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#6435) Hidden schema elements

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#6435) Hidden schema elements
From: michael@stroeder.com
Date: Mon, 21 Dec 2009 16:40:16 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

rein@OpenLDAP.org wrote:
> Full_Name: Rein Tollevik
> Version: CVS HEAD
> OS: Irrelevant
> URL: 
> Submission from: (NULL) (2a01:600:0:1:21c:23ff:feab:61cd)
> Submitted by: rein
> 
> Some of the operational attributes defined in the slapd source are hidden from
> the clients unless slapd is compiled with LDAP_DEVEL enabled.  Still, some of
> these elements are used in the database (as in the authz* and monitor related
> attributes).

Yes, see also:
http://www.openldap.org/its/index.cgi?findid=5573
http://www.openldap.org/its/index.cgi?findid=5574
http://www.openldap.org/its/index.cgi?findid=5576

IIRC also a bunch of attribute types used in back-config which makes
back-config almost unusable with a stock schema aware client.

The standard answer by Kurt and others is that as along as an experimental OID
with .666 is used a schema description should be hidden. I strongly disagree
with that though.

>  This causes my schema-aware application to complain when it sees
> (or worse tries to modify) these attributes.

(Sigh!) I also had to add several work-arounds to web2ldap regarding this.

> A patch that adds a new optional define that can be used to disable the schema
> hiding without enabling LDAP_DEVEL is coming. 

Looking forward to this being committed.

> A better fix would be to not hide those schema elements that is actually
> being used..

Amen.

Ciao, Michael.

Prev by Date: Re: (ITS#6435) Hidden schema elements
Next by Date: (ITS#6436) olcRwmMap atomic modification
Index(es):
- Chronological
- Thread