Howard Chu wrote: > Michael Ströder wrote: >> Why is it not allowed to use >> >> NO-USER-MODIFICATION >> USAGE dSAOperation >> >> in an attribute type declaration? > > Because such an operational attribute requires server-side code to > actually implement it, and you haven't got any means to provide that > code. Custom operational attributes must be defined using code loaded in > a module. >> >> For OATH-LDAP I'd like to define a "virtual" attribute (actually to be >> processed by back-sock listener) without having to write a slapd overlay. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ This *is* the server-side code! It somewhat defeats the idea of back-sock or similar if I still have to implement an overlay to simply define appropriate schema (in my case for OATH-LDAP). IMO it does not any harm to allow .schema files to contain such an attribute type description. Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature