[Date Prev][Date Next]
Re: Loading LDAP schema files into cn=config
Michael StrÃder wrote:
Nick Milas wrote:
On 2/7/2011 2:53 ÎÎ, Simone Piccardi wrote:
I don't think there are comments inside cn=config, and
those are very important when you have to document and track tens of
Indeed, it seems that the config schema does not include a "description" (or
similar) attribute which can be used freely in any config DIT entries for
If this is truly the case, wouldn't it be advisable to add such support to the
config schema? Of course, this means that all objectclass definitions should
include: ...MAY (... $ description ) ...
While description may help a little bit you cannot add comments for each
configuration directive for example ACLs.
We've been discussing this problem for quite a while. My current thinking is
that somehow we can use attribute options to help. Visually it might be better
to associate the option with the original attribute, e.g.
This would require defining a new (and strange) type of attribute option
though, since the value with the option has no relation (syntactically) to the
original attribute type.
The other alternative is to add a generic description attribute, and tag it
with the attribute that a comment refers to:
description;x-olcAccess: blah blah blah
This is a lot simpler for us to implement.
Usually, in our DIT (which includes mainly people, mail alias, other accounts,
and DNS data) we use single-valued or multi-valued (per entry) "description"
attributes (as defined in RFC 4519) which serve very well our documentation
needs. These are already included in the objectClasses we use (based on
account, person, domain etc. objectClasses ).
I also use 'description' quite a lot especially since my web2ldap displays it
as bubble help in the browser. But it's not sufficient in this case.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/