[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#6830) slapo-ppolicy.5 has incorrect schema fragments

andrew.findlay@skills-1st.co.uk wrote:
> Full_Name: Andrew Findlay
> Version: 2.4.24
> OS: OpenSuSE 11.3
> URL: ftp://ftp.openldap.org/incoming/afindlay-ppolicy-man-patch-20110215
> Submission from: (NULL) (
> slapo-ppolicy.5 incorrectly includes the NO-USER-MODIFICATION flag in the schema
> fragments for pwdPolicySubentry and pwdAccountLockedTime.

That's how they were defined in the IETF Draft. The schema fragments in the 
manpage were copied directly from the spec. The fact that the current 
implementation deviates from the spec is just out of necessity to make things 
work at all in our present code base. Things will not always work this way...

> In addition, the description of pwdAccountLockedTime does not make it clear that
> this attribute can be changed by administrative action.
> The attached patch is a suggested clarification for the manpage.

   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/