[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Dropping slurpd, manage/Relax control
- To: OpenLDAP-devel@OpenLDAP.org
- Subject: Dropping slurpd, manage/Relax control
- From: Howard Chu <hyc@symas.com>
- Date: Tue, 12 Dec 2006 11:53:19 -0800
- User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20061211 Netscape/7.2 (ax) Firefox/1.5 SeaMonkey/1.5a
One feature that's still needed in some cases (e.g., using syncrepl to
push updates to another slave thru back-ldap) is an updatedn identity
with the privilege to write to unmodifiable operational attributes.
I guess this isn't something the Relax control is intended to allow. We
can keep using the updatedn but it feels like this is something that
should be generalized. E.g. one might want to have a cluster of servers
sending updates to each other, with a unique identity for each server,
and all of them with privilege to write to operational attributes. I
think the updatedn feature captures the idea ("this identity is a DSA")
but it just needs to be more flexibly configured.
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/