[Date Prev][Date Next]
Re: OpenLDAP support for DIT Structure Rules
Michael Ströder wrote:
Howard Chu wrote:
Andrew Findlay wrote:
On Tue, Jun 02, 2009 at 11:39:04AM -0400, James Lentini wrote:
Standard - yes. Well supported - no. DIT Structure Rules along with
DIT Content Rules are the "standard" way to do this, but hardly anyone
[..] we'll probably add them in OpenLDAP 2.5.
It's a bit late to add to 2.4. Up till now, hardly anyone ever needed them.
Well, I've requested them. ;-)
Serious: If a mechanism is there people will start using it. Many people
are not aware that these even exist in the LDAPv3 standard. They use
In my case one of my customers will use web2ldap for some rare use-cases
conducted by admins adding administrative entries to an OpenLDAP DSA.
web2ldap already obeys DIT structure/content rules and name forms and
I'm even thinking about letting people specify supplemental LDAPv3
schema information within web2ldap's configuration (for host or
name-space) to guide the admin to do the right thing in the UI.
Also with DIT structure/content rules and name forms you can specify
directory layout and profiled use of object classes in a more formal way
in an operational concept.
No need to convince me; I've wanted to finish aligning our code with X.500 for
years. But this is one of many features that I've wanted that nobody else ever
expressed any interest in. Yet another concept the LDAP designers tossed out
without sufficient thought, making client writers' lives even harder...
As 2.4 goes into maintenance-only phase we can start playing with this in
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/