On Fri, Oct 15, 2010 at 9:21 PM, Emmanuel Lecharny <[email protected]>wrote:
> On 10/15/10 2:12 PM, Pierre-Arnaud Marcelot wrote: > >> Hi Dev, >> >> I'm really wondering if we should not remove the 'System' partition. >> > Good question ... > > Been waiting for this for a while but always wanted a default partition with nestable partitions underneath it. Spoke about this in another email on this thread. SNIP .. I don't know the role of this entry 'prefNodeName=sysPrefRoot,ou=system', if >> it still has any role? >> > No idea. The ou=cnfiguration branch is probably dead wood. > > +1 The following entries are not very useful too: >> - ou=groups,ou=system >> | - cn=Administrators,ou=groups,ou=system >> - ou=users,ou=system >> >> Isn't is better that the user creates its users in its own partition? >> Even our admin user is not in the 'ou=users' organizational unit... >> > I *think* the ou=users,ou=system are usefull for kerberos and triplesec. > > Yeah can't remember for sure. I know KRB defines path to users based on the realm name transformation to DN using the domain-to-DN mapping technique (think there's an real skinny RFC for this). > As you can see, the only valid information in the whole partition is the >> credentials of the admin (should we say default) user. >> > probably. > > Again the groups matter. > I really think this information should be placed in the configuration (we >> could also allow the redefinition of the admin user DN). >> It would allow the user to edit these settings without having to start the >> server (at least) once. >> >> WDYT? >> > I think we can remove the ou=system partition at this point, and use the > ou=config to store the informations related to the administrator. > > That would be good but won't be trivial. > So far, considering ou=system as a special partition is probably not > anymore necessary. > > Hope not. > Note that, as Kiran said, this partition is used by a hell lot of tests, so > removing it will be costly. > If we remove it, I would suggest we restore the automatic creation of the > context entry : it's so painful to have to add it when we create a partition > that we should find a way to do that automatically. > > +1 -- Alex Karasulu My Blog :: http://www.jroller.com/akarasulu/ Apache Directory Server :: http://directory.apache.org Apache MINA :: http://mina.apache.org To set up a meeting with me: http://tungle.me/AlexKarasulu
