Re: Warning while loading ACI (Apache DS 1.5.7)

[Emmanuel Lecharny]

 On 6/17/10 10:57 AM, Sudheer Kumar wrote:
dn: cn=RDSAuthorizationACISubentry,dc=xxx,dc=xx
changetype: add
objectclass: top
objectclass: subentry
objectclass: accessControlSubentry
cn: RDSAuthorizationACISubentry
subtreeSpecification: {}
prescriptiveACI: {
     identificationTag "directoryManagerFullAccessACI",
     precedence 11,
     authenticationLevel simple,
     itemOrUserFirst userFirst:
     {
       userClasses
       {
         name { "uid=adminuser,ou=people,dc=xxx,dc=com" }
       },
       userPermissions
       {
         {
           protectedItems
           {
             entry, allUserAttributeTypesAndValues
           },
           grantsAndDenials
           {
             grantAdd, grantDiscloseOnError, grantRead,
             grantRemove, grantBrowse, grantExport, grantImport,
             grantModify, grantRename, grantReturnDN,
             grantCompare, grantFilterMatch, grantInvoke
           }
         }
       }
     }
   }
prescriptiveACI: {
     identificationTag "allUsersACI",
     precedence 10,
     authenticationLevel none,
     itemOrUserFirst userFirst:
     {
       userClasses
       {
         allUsers
       },
       userPermissions
       {
         {
           protectedItems { entry, allUserAttributeTypesAndValues },
           grantsAndDenials { grantRead, grantBrowse, grantReturnDN,
                              grantCompare, grantFilterMatch,
grantDiscloseOnError }
         },
         {
           protectedItems { attributeType { userPassword } },
           grantsAndDenials { denyRead, denyCompare, denyFilterMatch }
         }
       }
     }
   }
The second prescriptiveACI seems to be ok, except that the 
'grantDiscloseOnError' element starts on a new line without a space at 
first position.

I don't know if it's a mail artifact or not, can you check that ?

--
Regards,
Cordialement,
Emmanuel Lécharny
www.nextury.com