[Date Prev][Date Next]
More notes on LDAP-enabling the slapd configuration mechanism...
One step towards making the slapd configuration easily presentable in LDAP is
to use LDIF for the config file format. There will be a cn=config backend
implicitly defined, and everything will branch out underneat this.
The actual backend is implemented by specific modules corresponding to
specific objectclasses. E.g., objectClass OpenLDAPbdbDatabase will contain
attributes for a back-bdb configuration. Each backend type will export a
table of functions to implement their respective objectclasses.
The idea is somewhat reminiscent of the back-ftree backend.
There are still some issues regarding order-dependent config info (like ACLs,
sasl-regexp, database order). I have an idea to use attribute tagging to help
out here, e.g.:
access;x-order-1: attr=userpassword $ by self write $ by * auth
access;x-order-2: * $ by * read
More thoughts welcome.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
Symas: Premier OpenSource Development and Support