[Date Prev][Date Next]
A question regarding ACLs on OpenLDAP consumer servers. If the ACLs on
the provider give clients write access to some attributes, such as
loginShell or userPassword, shouldn't the ACLs on the consumers do the
I'm not sure about this, since consumer databases are always
read-only, but it seems to me that the clients would otherwise have no
way of knowing that changing certain attributes was possible (via the
updateref option or the chain overlay).