[Date Prev][Date Next] [Chronological] [Thread] [Top]

authTimestamp and relax rules control

To: openldap-devel@OpenLDAP.org
Subject: authTimestamp and relax rules control
From: Michael Ströder <michael@stroeder.com>
Date: Thu, 17 Mar 2011 19:49:57 +0100
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.17) Gecko/20110123 Lightning/1.0b1 SeaMonkey/2.0.12

HI!

I'm using slapo-lastbind with 2.4.24 found under contrib/ which writes the
operational attribute authTimestamp to an entry. Now I have a use-case where a
LDAP client (connector continously pumping data from another non-OpenLDAP
directory server) should write this attribute to the OpenLDAP server. But even
when using the relax rules control this does not seem to be allowed.

Section 3.6. of draft-zeilenga-ldap-relax-03 says:

  The subsections of this section discuss modification of various
  operational attributes where their NO-USER-MODIFICATION constraint may
  be relaxed.  Future documents may specify where NO-USER-MODIFICATION
  constraints on other operational attribute may be relaxed.  In absence
  of a document detailing that the NO-USER-MODIFICATION constraint on a
  particular operational attribute may be relaxed, implementors SHOULD
  assume relaxation of the constraint is not appropriate for that
  attribute.

Hmm, since there's no formal spec for authTimestamp I'm lost here?

Ciao, Michael.

Follow-Ups:
- Re: authTimestamp and relax rules control
  - From: Kurt Zeilenga <Kurt@OpenLDAP.org>

Prev by Date: Release testing
Next by Date: Re: Release testing
Index(es):
- Chronological
- Thread