[Date Prev][Date Next]
Re: attribute type is operational?
Piotr Wadas <email@example.com> writes:
>> > significant in this case)
> So - system is Debian sid i386, openldap is 2.1.26 (package version
> 2.1.26-1). This package is compiled with --enable-aci since 2.1.12-1
> as mentioned in
>> Depending on your OpenLDAP version, this attribute exists already. See
> I looked there, and found that there are some built-in schemas I didn't
> expect. Well, OK, there are built-in schemas I can't change without
> recompiling, not listed in schemas tab in my ldap browser (gq).
> Whatever:-). So I add this objectclass definition into my local.schema
> objectclass ( 220.127.116.11.4.1.10718.104.22.168.6
> NAME 'OpenLDAPacl'
> DESC 'OpenLDAP access control information'
> SUP top STRUCTURAL
> MUST ( objectclass )
> MAY ( OpenLDAPaci ) )
I don't know and don't understand what you are trying to do, but you
don't need this objectclass. The attribute OpenLDAPaci is an
operational attribute already compiled in.
> So? Does it mean that I misunderstood debian-devel and this option
> wasn't set with next release? I guess disabling this option should
> be also mentioned in next accepted openldap2 announces, but didn't
> find such.
I don't know anything about Debian and what Debian is
communicating. But I know that you don't have to write a schema file
for Access Control Information. If you want to set aci's just add the
attribute OpenLDAPaci with appropriate values to each object you
create. For further information
Dieter Kluenter | Systemberatung
Tel:040.64861967 | Fax: 040.64891521