[Fedora-directory-devel] Attribute to determine allowed write attributes?

Richard Megginson rmeggins at redhat.com
Wed Nov 1 14:05:33 UTC 2006 

Andrew Bartlett wrote:
> On Tue, 2006-10-31 at 21:05 -0700, David Boreham wrote:
>   
>> Andrew Bartlett wrote:
>>
>>     
>>> Does anybody have any pointers to an existing feature request like this,
>>> or should I file one in Bugzilla?
>>>  
>>>
>>>       
>> This is what is implemented :
>>
>> http://www.redhat.com/docs/manuals/dir-server/ag/7.1/acl.html#1216899
>>     
>
> That has:
>
>   
>> Information is not given for attributes in an entry that do not have a
>> value; for example, if the userPassword value is removed, then a
>> future effective rights search on the entry above would not return any
>> effective rights for userPassword, even though self-write and
>> self-delete rights could be allowed. Likewise, if the street attribute
>> were added with read, compare, and search rights, then street: rsc
>> would appear in the attributeLevelRights results.
>>     
>
> I need information on unknown attributes, so that MMC can show them as
> valid, writable fields (not greyed out).  My preferred format is a list
> of writable fields, as permitted by the current schema for that entry.
>   
This could be useful in any general purpose GUI app, to have the ability 
to perform one query and get back a list of
1) regular attributes available according to the schema
2) operational attributes - writable vs. read-only
3) virtual attributes - writable vs. read-only

I would like to support the openldap "+" special attribute which 
retrieves all operational attributes, and I would also like to support 
the Sun DS real and virtual attrs controls.

Andrew, I think it would be beneficial to me if you could post an 
example ldapsearch and an example return entry in LDIF.
> Andrew Bartlett
>
>   
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-devel mailing list
> Fedora-directory-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-devel
>   
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-devel/attachments/20061101/03d07db5/attachment.bin>

More information about the Fedora-directory-devel mailing list