[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: back-config again

Howard Chu wrote:

I see your point, but just because ACLs can be quite fluid doesn't make them inherently different from the other configuration items. [..] Of course, if you're going to duplicate the DIT's hierarchical layout anyway, you might as well just merge the ACLs into the DIT itself. Oh wait, that's an ACI. Hm, what does *that* mean, I wonder....

Yes, the ACI approach comes to mind. If ACLs are very fluid ACIs are the better choice anyway since they closely tie access control to the directory data itself.

Ciao, Michael.