[Fedora-directory-users] FDS and OpenLDAP integration
Pierangelo Masarati
ando at sys-net.it
Fri Sep 7 15:32:09 UTC 2007
Richard Megginson wrote:
>> I have see that the structuralobjectclass is not defined in the
>> attributes available in FDS.... how can resolve the probem?
> I suggest adding an operational attribute called 'structuralObjectClass'
> to Fedora DS. Maybe you can just copy the definition of it from openldap.
Since the structuralObjectClass attribute is supposed to have a very
special meaning for the DSA (RFC 4512), just adding it as a user
attribute seems to me quite a broken approach. Provided you're running
a decent version of OpenLDAP, you should be able to filter out undesired
attributes from the replication process. For example, in slapd.conf
(from slapd.conf(5) man page of OpenLDAP 2.3, but the feature exists
since OpenLDAP 2.1, I think)
replica [...]
attr!=structuralObjectClass
will prevent slurpd from replicating the negated attribute list.
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
---------------------------------------
Office: +39 02 23998309
Mobile: +39 333 4963172
Email: pierangelo.masarati at sys-net.it
---------------------------------------
More information about the Fedora-directory-users
mailing list