Michael Ströder wrote:
harry.j...@arcor.de wrote:
Michael Ströder wrote:
The goal was to make the ACLs more readable for the admin.
This is my intend.
Now the question is: Where to make them more readable.
Howard Chu at 25.03.2012 19:57
The GUI
just makes it possible for the
Michael Ströder wrote:
harry.j...@arcor.de wrote:
Nick Milas wrote:
This actually is causing a serious problem (I would even call it a
*hell situation*), because we can no more export/view our ACLs
as ldif in a legible form. Moreover, we cannot edit this exported
ldif and import it back
On 19/5/2012 6:56 μμ, Nick Milas wrote:
Additionally, we are always waiting for the implementation of one (or,
even better, multiple) olcAccess comments per olcAccess value
(numbered identically as olcAccess values, so they can always be
synced/coupled with them), i.e.:
olcAccess:
--On Tuesday, May 22, 2012 3:08 PM +0300 Nick Milas n...@eurobjects.com
wrote:
On 19/3/2012 8:57 μμ, Quanah Gibson-Mount wrote:
Part 2: Deleting entries in cn=config
Quanah Gibson-Mount has said entry deletes are coming in 2.5, is that
still the plan? The Roadmap page isn't specific.
You
harry.j...@arcor.de wrote:
Michael Ströder wrote:
harry.j...@arcor.de wrote:
Michael Ströder wrote:
The goal was to make the ACLs more readable for the admin.
This is my intend.
Now the question is: Where to make them more readable.
Howard Chu at 25.03.2012 19:57
That's exactly what I'm
harry.j...@arcor.de wrote:
Michael Ströder wrote:
The goal was to make the ACLs more readable for the admin.
This is my intend.
Now the question is: Where to make them more readable.
The GUI
just makes it possible for the admin to add the LFs and display the
ACL as multiple lines. And now
harry.j...@arcor.de wrote:
Nick Milas wrote:
This actually is causing a serious problem (I would even call it a
*hell situation*), because we can no more export/view our ACLs as
ldif in a legible form. Moreover, we cannot edit this exported ldif
and import it back to cover several editing
harry.j...@arcor.de wrote:
Michael Ströder wrote:
Harry, as said in this discussion thread:
1. LDAP syntax DirectoryString may contain CR and LF.
2. RFC 2849 defines SAFE-CHAR which does not contain CR and LF
= a DirectoryString attribute value containing CR or LF has to be
base64-encoded
On 22/3/2012 3:56 μμ, Nick Milas wrote:
On 22/3/2012 2:20 μμ, btb wrote:
i press the enter key on my keyboard
Thanks,
Interestingly, I found that the same is also possible with JXPlorer.
ACLs can be formatted like that and they remain formated. They also
function without problems.
Hi,
Nick Milas wrote:
I am returning to an older thread, regarding the formatting of ACLs using
Carriage Return (CRs) and spaces.
I have just realized that if we format (using CRs) ACLs stored as olcAccess
attr values, then they are exported/stored as ldif in base64 encoded format
(by all
On 19/5/2012 5:35 μμ, Michael Ströder wrote:
I think now it's the time to start looking at LDIF processing module in your
favourite scripting language. I cannot imagine any other sane way.
I guess you are right. In any case, I prefer to have the primitive data
(I mean olcAccess attr values)
Nick Milas wrote:
On 19/5/2012 5:35 μμ, Michael Ströder wrote:
mailing list?).
Any additional info regarding this spec, its validity and adoption would be
interesting. Can anyone please provide more details?
Searching xml ldif and ietf-ldapext with Google and a couple of clicks lead to:
Nick Milas wrote:
On 22/3/2012 3:56 μμ, Nick Milas wrote:
On 22/3/2012 2:20 μμ, btb wrote:
i press the enter key on my keyboard
Thanks,
Interestingly, I found that the same is also possible with
JXPlorer.
ACLs can be formatted like that and they remain formated. They also
Howard Chu wrote:
Michael Ströder wrote:
Howard Chu wrote:
The OpenLDAP Project is only concerned with implementing the low level
functionality. If you want a GUI, ask the Apache Directory Studio folks.
But back-config's schema has a very high influence.
The question is why it's so much
On Tuesday, 20 March 2012 12:53:08 Howard Chu wrote:
The purpose of cn=config is to support configuration changes on a server
without causing any service outage. Supporting Deletes in cn=config is
fundamentally opposed to this goal. E.g., deleting an olcDatabase entry
cannot be seen as
Buchan Milne wrote:
On Tuesday, 20 March 2012 12:53:08 Howard Chu wrote:
The purpose of cn=config is to support configuration changes on a server
without causing any service outage. Supporting Deletes in cn=config is
fundamentally opposed to this goal. E.g., deleting an olcDatabase entry
Howard Chu wrote:
The OpenLDAP Project is only concerned with implementing the low level
functionality. If you want a GUI, ask the Apache Directory Studio folks.
But back-config's schema has a very high influence.
The question is why it's so much easier for GUI clients to directly support
Buchan Milne wrote:
On Tuesday, 20 March 2012 12:53:08 Howard Chu wrote:
The purpose of cn=config is to support configuration changes on a server
without causing any service outage. Supporting Deletes in cn=config is
fundamentally opposed to this goal. E.g., deleting an olcDatabase entry
Michael Ströder wrote:
Howard Chu wrote:
The OpenLDAP Project is only concerned with implementing the low level
functionality. If you want a GUI, ask the Apache Directory Studio folks.
But back-config's schema has a very high influence.
The question is why it's so much easier for GUI clients
On Wed, 21 Mar 2012 22:32:33 -0400, b...@bitrate.net wrote:
i'd amend that process slightly:
Not quite there yet...
Make a habit of always running the slap tools as the user group
slapd runs as, so you'll never screw up file ownerships for slapd.
I.e. slapd -u ldap vs su ldap -c
On 22/3/2012 3:47 πμ, b...@bitrate.net wrote:
hmm, not sure why it isn't working for you. i've heavily modified all of my
acls at one point or another, all of which are multiline, and have not had any
issues. data that needs to be base64'd [for whatever reason] is done so
consistently
On 22/3/2012 3:47 πμ, b...@bitrate.net wrote:
hmm, not sure why it isn't working for you. i've heavily modified all of my
acls at one point or another, all of which are multiline, and have not had any
issues.
Hi again,
Please tell me: How do you enter newlines in Apache Dir Studio? You
On 2012.03.22 07.19, Nick Milas wrote:
Cos with JXPlorer (as with standard tools) I see string-based and not
number-based ordering, for example:
yes, it is string based ordering.
On 2012.03.22 07.45, Nick Milas wrote:
Please tell me: How do you enter newlines in Apache Dir Studio? You
simply type \n or you enter a particular key combination?
i press the enter key on my keyboard
Also, which ADS version are you using?
currently, 2.0.0.v20120224. this behavior hasn't
On 22/3/2012 2:20 μμ, btb wrote:
i press the enter key on my keyboard
Thanks,
Interestingly, I found that the same is also possible with JXPlorer.
ACLs can be formatted like that and they remain formated. They also
function without problems.
Unfortunately, normal listing (all values
Le 3/22/12 2:56 PM, Nick Milas a écrit :
On 22/3/2012 2:20 μμ, btb wrote:
i press the enter key on my keyboard
Thanks,
Interestingly, I found that the same is also possible with JXPlorer.
ACLs can be formatted like that and they remain formated. They also
function without problems.
-Original Message-
From: openldap-technical-boun...@openldap.org
[mailto:openldap-technical-boun...@openldap.org] On Behalf Of b...@bitrate.net
Sent: Wednesday, March 21, 2012 10:33 PM
To: openldap-technical@openldap.org
Subject: Re: Concerns with OLC (cn=config) for editing schema,
On Mar 20, 2012, at 3:53 AM, Howard Chu wrote:
On the other hand, we should certainly provide a slapdelete tool for removing
things while slapd is offline. If you have screwed up your configuration so
badly that you need to delete something from it, you might as well restart
the server
On Mar 21, 2012, at 5:59 PM, David Arroyo wrote:
What is the correct way to delete a database from olc?
I get the feeling it is frowned upon, but I think you could:
1. slapcat -s 'cn=config' config.ldif
2. edit config.ldif
3. delete or move slapd.d/*
4. slapadd -n0 -F /path/to/slapd.d -l
On Mar 21, 2012, at 22.00, Chris Hiestand wrote:
On Mar 21, 2012, at 5:59 PM, David Arroyo wrote:
What is the correct way to delete a database from olc?
I get the feeling it is frowned upon, but I think you could:
1. slapcat -s 'cn=config' config.ldif
2. edit config.ldif
3. delete or
On 20/3/2012 2:32 πμ, Chris Hiestand wrote:
As far as the sysadmin is concerned, slapd.conf allowed multi-line strings for
ACLs and schemas. This yielded great readability
Although I also really totally respect project developers and appreciate
every single effort for the fine OpenLDAP
Chris Hiestand wrote:
Part 1: Readability
I know you veterans are probably sick to death of us late-comers asking
questions about cn=config. I understand but please hear me out because I feel
I have done due diligence; but I still have some concerns with the transition.
Workflow has been
On 2012.03.19 14.39, Chris Hiestand wrote:
Editing via an ldap client is easy if you're just editing an
attribute here and there, but because of the interacting nature of ACLs and
schema
elements, poor readability (no newlines) makes editing via an ldap client more
difficult
(a gui with smart
Le 20 mars 2012 09:32, Nick Milas n...@eurobjects.com a écrit :
On 20/3/2012 2:32 πμ, Chris Hiestand wrote:
As far as the sysadmin is concerned, slapd.conf allowed multi-line strings
for ACLs and schemas. This yielded great readability
Although I also really totally respect project
--On Tuesday, March 20, 2012 12:58 AM -0400 David N. Blank-Edelman
d...@ccs.neu.edu wrote:
To your original point: once those details are clear, I suspect it would
be relatively straightforward to write a slapacl command/script that
parsed the ACL .conf file format and then used Net::LDAP to
Quanah, all of this is with due respect - I really appreciate how much time
you've put into this project.
They were never a multi-line string in slapd.conf, either. You could just
format things to pretend they were multi-line strings.
But this is irrelevant within the scope of usability.
36 matches
Mail list logo
