[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: rootdn -> admindn?

Aaron Richton writes:
>>>> I've had it with explaining that the suffix is the root of the
>>>> database which is not the rootdn which is not the Unix user "root".
>> IMO this renaming/aliasing will lead to even more confusion on the mailing
> I'd note that the namespace pollution is nearly impossible to avoid in any
> reasonable manner. *ix users might be confused that it's rootdn/rootpw.

Note that people _also_ confuse rootdn with the suffix, since the suffix
is the root of the backend's tree (and is described as that some places,
though I don't remember where at the moment).

Maybe it'd help to instead describe is at the "top" of the database's
LDAP tree.

> But when we make admindn/adminpw Windows users might be confused that
> they're not related to Windows Administrator privileges. Perhaps we
> could call it systemdn and confuse VMS users.

ldapadmin-dn, ldapadmin-pw?

> Almost anything short of
> "rootdnThatAppliesOnlyToThisBackendAndNotToAnythingElseInYourOS" is
> going to require a bit of interpretation in the documentation, and it's
> intuitively obvious (if not always properly understood) that slapd
> configuration configures slapd, not *ix nor the universe at large.

That's far from obvious to a number of LDAP beginner who just wants
to set up LDAP and get it to work.  The learning curve is fairy steep,
so many seem to skim the doc a bit too fast.

> A couple doc patches to reinforce that "rootdn" only applies to
> backends and not to any client OS would probably be better in this
> case.

I'll do something about that.