[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#6830) slapo-ppolicy.5 has incorrect schema fragments
- To: openldap-its@OpenLDAP.org
- Subject: Re: (ITS#6830) slapo-ppolicy.5 has incorrect schema fragments
- From: hyc@symas.com
- Date: Tue, 15 Feb 2011 13:03:26 GMT
- Auto-submitted: auto-generated (OpenLDAP-ITS)
andrew.findlay@skills-1st.co.uk wrote:
> Full_Name: Andrew Findlay
> Version: 2.4.24
> OS: OpenSuSE 11.3
> URL: ftp://ftp.openldap.org/incoming/afindlay-ppolicy-man-patch-20110215
> Submission from: (NULL) (88.97.25.132)
>
>
> slapo-ppolicy.5 incorrectly includes the NO-USER-MODIFICATION flag in the schema
> fragments for pwdPolicySubentry and pwdAccountLockedTime.
That's how they were defined in the IETF Draft. The schema fragments in the
manpage were copied directly from the spec. The fact that the current
implementation deviates from the spec is just out of necessity to make things
work at all in our present code base. Things will not always work this way...
> In addition, the description of pwdAccountLockedTime does not make it clear that
> this attribute can be changed by administrative action.
>
> The attached patch is a suggested clarification for the manpage.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/