Andrew Bartlett wrote:
Information is not given for attributes in an entry that do not have a
value; for example, if the userPassword value is removed, then a
future effective rights search on the entry above would not return any
effective rights for userPassword, even though self-write and
self-delete rights could be allowed. Likewise, if the street attribute
were added with read, compare, and search rights, then street: rsc
would appear in the attributeLevelRights results.
I need information on unknown attributes, so that MMC can show them as
valid, writable fields (not greyed out). My preferred format is a list
of writable fields, as permitted by the current schema for that entry.
Do you need it to come up with a list of all allowed attributes
(probably not a good idea
for implementation and performance reasons), or do you want to supply
the list (better,
but not the way the GER control works) ? I suppose you could supply an
attribute list for
the search and GER could use that. That'd be reasonably efficient and
easy to implement,
I think.
|