[Date Prev][Date Next]
´ð¸´: ´ð¸´: Access-Config & Schema via LDAP
If you want to use pre-defined object class in slapd.oc.conf and attribute in slapd.at.conf, you don't need modify the slapd.conf at all. But, if you want to use object defined by yourself,such as "Germany-People", you MUST modify the slapd.conf to include a INCLUDE line to include your own object define file such as helge.oc.conf and helge.at.conf. and you need use the same format for these file as in the slapd.oc.conf and slapd.at.conf file.
This file will help you a lot.
???: Helge Hess [mailto:firstname.lastname@example.org]
????: 2000?7?5? 20:52
???: Hong Li
??: 'OpenLDAP Software'
??: Re: ??: Access-Config & Schema via LDAP
I'm not sure whether you understood my question. I *don't* want to
modify slapd.conf, I would like to configure the server via LDAP.
Eg to get the schema for an object I would like to use sth like that
and get back sth like that
or maybe a tree like that:
inetperson printer objectclass: objectclass
/ | \ / | \
name email uid ip name type objectclass: objectclass-attribute
Similiar for ACLs which I would like to configure/retrieve using
standard LDAP clients.
I would like to know whether there is a backend (or some other thing)
which operates on slapd.conf like files to make the above happen.
Further I would like to know whether there are standards in LDAP which
describe how to accomplish that (eg the objectclass definition for an
objectclass definition ;-)
Hong Li wrote:
> The access rights is all up to you. LDAP has provide enough detailed configuration for this purpose. please take a look at the man page of slapd.conf
> While you read the man page of slapd.conf, I am sure you will find out what does the "schemacheck on/off" statement means .
> ·¢¼þÈË: owner-openldap-software@OpenLDAP.org [mailto:owner-openldap-software@OpenLDAP.org]´ú±í; Helge Hess
> ·¢ËÍÊ±¼ä: 2000Äê7ÔÂ5ÈÕ 20:34
> ÊÕ¼þÈË: OpenLDAP Software
> Ö÷Ìâ: Access-Config & Schema via LDAP
> is there a standard-way (or standard backend) to configure access rights
> using an LDAP client ? Or is the only way to setup rights to configure
> an appropriate slapd.conf by hand ?
> Is a backend planned/available which read/writes slapd.conf ?
> What about the schema, is/will this be available via the LDAP protocol ?
SKYRIX-OS Web Operating System - http://www.skyrix.com
SKYRIX-IAS IntraNet Application Suite - http://www.skyrix.com