Howard Chu wrote: > Michael Ströder wrote: >> Howard Chu wrote: >>> The OpenLDAP Project is only concerned with implementing the low level >>> functionality. If you want a GUI, ask the Apache Directory Studio folks. >> >> But back-config's schema has a very high influence. >> >> The question is why it's so much easier for GUI clients to directly support >> tweaking cn=config or similar configuration entries of other directory servers? > > Is it easier? Yes, I think so. > File ITSs on the obvious problem areas then. Problematic are configuration attributes which might be multi-valued and comma-/space-separated for specifying multiple values at the same time. IIRC this is the case for olcAllow. Especially the different variants for olcLogLevel are cumbersome at least based on how I understand slapd-config(5). The flexibility does not add any value for the user but makes programming a UI rather difficult. Especially since a generic UI has to preserve the attribute values stored in the entry but represent it in a user-friendly easily editable way guiding the user to do the right thing without restricting what would be valid. > AFAIK all other > directory servers with LDAP-enabled configuration still intend for you to use > their custom client for configuration. What the other vendors intend is not relevant for my comparison. My view on the other LDAP server products is solely via web2ldap. For other LDAP servers I can easily handle a lot of dynamic configuration just by adding some simple LDIF and HTML templates, sometimes a plugin class based on base classes already in web2ldap, e.g. for static or dynamic select lists etc. Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature