[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: NO-USER-MODIFICATION for attribute type description memberOf

To: openldap-devel@openldap.org
Subject: Re: NO-USER-MODIFICATION for attribute type description memberOf
From: Michael Ströder <michael@stroeder.com>
Date: Thu, 11 Jul 2019 21:37:46 +0200
Autocrypt: addr=michael@stroeder.com; prefer-encrypt=mutual; keydata= mQENBFbdnRoBCADj0vYA4aRwKJ6AE4mf8oElLgMT/1eLNKpJ2FYBWcwj9d8dTk5/p9b8DRxy S/qQIUUZqt9xRFZwUCm0vFeQMRDeN9xzAKoRzrJifoDOacOjG1lhZTKYvVZGgUT89Ao3QeHh Q7gPzcAKNoueoR2y3FXStOYuRrbk5PlSjVAITjsotgc7PWE9mmVYpeu8a+byK/DBHKUyolOA 1UXYvDa7MbPhMtdNm8qnwtKs1Vsyk1VkErM+5cIe+zTT6WYQcmZMRjCtWGiFTzk9W6Mdlskk WRTKhKNgokTsgcy1ecaCBUZWxv/SyXgD81+rwRi9b8Px+1reg43ayxi8sV7jrI1feybbABEB AAG0J01pY2hhZWwgU3Ryw7ZkZXIgPG1pY2hhZWxAc3Ryb2VkZXIuY29tPokBNwQTAQgAIQUC Vt2dGgIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRAH3HrjaovJOFpTCACjO773gcmJ KvzjiNpUFl/gANyaJgIq4VbMQ7VthRb1F9X6YbdJ6Z99ntyESjGFCpjofcSomr2vJDpv6ht+ lY33yo20YwsMpqe2OeId0jPybG+FtabKjgBNoAk7iqnBGUvE4t0dz0n1LQVCQR2jxyTKmcNq OYpsRZ3H+6kWwJMuVgsNZglINVZ8JgV5QuLYN5jhYz+pOuFnU11bV6nWREvzZXzebe7g7Zus 6AsWjtJ0lDvgBNzLlF3/eFrVch6Bejs0SvuFseIdZQk+4YU6Rb8xul/jDFXIfo7eTmijO3dV T5AmC1cUi8czncwpgAJnEH8vYv23RoN/aw2gSMCS2huIuQENBFbdnRoBCAC7L1cTVBVZZuM/ yxSUM5CsgGBlTD1Cr7C2ngZFsHSYXVLq6NUB8GZA2iLK96CrwnFw4/Jjz4llOjc50iVRMQKL RyFWOJAMrpPq2ew5T+Uoo524D//dwVbqkFVVuvM8NPiKIDyPGCjP+acM1D8hXwhOXgQ8Iz8Q 3/GRSYjitn9JrkF0ia2nhariznBKVu0LDffxF/hOCx45+QRR2/rYYlshfZMB7nEJX9P+hVfM CSzltz9Z8CldeUbiJvnyrISReR2XBw9oh8JkIUP0BtpIaify9A7EfzOk+W9BUnWe+YwdSUsB fJxOhSv+umyW5GMqZGFu+4oYnkzbe+1LUs1JarCtABEBAAGJAR8EGAEIAAkFAlbdnRoCGwwA CgkQB9x642qLyTjEUgf+JX6Atatl/QKe37yCj1OZYNPd3B0rPLJRF5mEmrADRXLZC9+uFeDS Wxxln040gnR6rjBHrRcvVmlTDiZY26iuL16+V+0/aZ9uyXNQSzk2cwDSiI/8gvr72Y+FN5fh cGXpeNHxHilYc9onzDhxyE76cwzqTKm4q2ULIH2u9IHQ5O86Fv6nHPYhe2fy1bhQapNwi/Xl 3G3i2WNH/w7m+1zWU1IddZOjmXzoxLT1BATwXGa0Tt5RjVb2mM1Wg3Zj6kqFkF2vvKcvrwj0 q0Ap5uyfN5m0uWzQMCMoaV9HQf7f5MkS1lnwBqDgnojjVAieX5uk7olUiRuPKHMfhvXulYP8 AA==
Content-language: en-US
In-reply-to: <9ef8a896-8aab-e19e-c079-b8521b87b416@symas.com>
Openpgp: preference=signencrypt
References: <7bf47065-96ef-d5d7-1f91-e05641ab9a51@stroeder.com> <9ef8a896-8aab-e19e-c079-b8521b87b416@symas.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0

On 7/11/19 6:43 PM, Howard Chu wrote:
> Michael Ströder wrote:
>> Currently attribute type description memberOf does not have
>> NO-USER-MODIFICATION.
>>
>> memberof.c contains a commented line:
>> 		/* "NO-USER-MODIFICATION " */		/* add? */
>>
>> But it's my understanding that if the memberof overlay is responsible
>> maintaining this attribute NO-USER-MODIFICATION should be added.
>>
>> Any objections against adding it?
>
> ISTR a few things would break when that was uncommented. Feel free to
> test it out though.

Hmm, the git log is pretty terse. This commit after intial import only
added comments:

------------------------ snip ------------------------
commit e33abd467c526a740a10f77e84ccc78d7b18e6d7
Author: Pierangelo Masarati <ando@openldap.org>
Date:   Sat Aug 25 16:02:43 2007 +0000

    needs work: memberOf should not be replicated
------------------------ snip ------------------------

There's no reasoning why 'memberOf' should not be replicated.
IMHO it should be replicated to avoid the effects described in ITS#8613 [1].

Can anyone shed some light on this?

Ciao, Michael.

[1] https://www.openldap.org/its/index.cgi/?findid=8613

References:
- NO-USER-MODIFICATION for attribute type description memberOf
  - From: Michael Ströder <michael@stroeder.com>
- Re: NO-USER-MODIFICATION for attribute type description memberOf
  - From: Howard Chu <hyc@symas.com>

Prev by Date: Re: NO-USER-MODIFICATION for attribute type description memberOf
Next by Date: Issues ISC dhcpd using libldap of OpenLDAP 2.4.48
Index(es):
- Chronological
- Thread