[Fedora-directory-devel] Attribute to determine allowed write attributes?
Pete Rowley
prowley at redhat.com
Wed Nov 1 18:29:58 UTC 2006
Richard Megginson wrote:
> Andrew Bartlett wrote:
>> On Tue, 2006-10-31 at 21:05 -0700, David Boreham wrote:
>>
>>> Andrew Bartlett wrote:
>>>
>>>
>>>> Does anybody have any pointers to an existing feature request like
>>>> this,
>>>> or should I file one in Bugzilla?
>>>>
>>>>
>>>>
>>> This is what is implemented :
>>>
>>> http://www.redhat.com/docs/manuals/dir-server/ag/7.1/acl.html#1216899
>>>
>>
>> That has:
>>
>>
>>> Information is not given for attributes in an entry that do not have a
>>> value; for example, if the userPassword value is removed, then a
>>> future effective rights search on the entry above would not return any
>>> effective rights for userPassword, even though self-write and
>>> self-delete rights could be allowed. Likewise, if the street attribute
>>> were added with read, compare, and search rights, then street: rsc
>>> would appear in the attributeLevelRights results.
>>>
>>
>> I need information on unknown attributes, so that MMC can show them as
>> valid, writable fields (not greyed out). My preferred format is a list
>> of writable fields, as permitted by the current schema for that entry.
>>
> This could be useful in any general purpose GUI app, to have the
> ability to perform one query and get back a list of
> 1) regular attributes available according to the schema
> 2) operational attributes - writable vs. read-only
> 3) virtual attributes - writable vs. read-only
>
> I would like to support the openldap "+" special attribute which
> retrieves all operational attributes, and I would also like to support
> the Sun DS real and virtual attrs controls.
>
I wrote the Sun DS real and virtual attrs controls before the fork, so
we do :)
Attached a little rootDSE decoder python script.
--
Pete
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ldapinfo
URL: <http://listman.redhat.com/archives/fedora-directory-devel/attachments/20061101/2fb6fa07/attachment.ksh>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3241 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-devel/attachments/20061101/2fb6fa07/attachment.bin>
More information about the Fedora-directory-devel
mailing list