[Fedora-directory-devel] Attribute to determine allowed write attributes?

Pierangelo Masarati ando at sys-net.it
Fri Nov 3 00:46:00 UTC 2006

Andrew Bartlett wrote:
> Sorry, this seems a bit recursive.  I'm lost.  
In fact, it is.  The point is that what you're asking for may not comply 
with the ACL model of most DSA implementations, which usually is a 
desirable model for a number of reasons.  What you need is a 
"cooperative" DSA administrator that agrees to use only a subset of the 
ACL semantics so that their effect can be computed a priori, without any 
knowledge of the values that are/will be stored in the attributes.  
Under this assumption, implementing the feature you desire should be 


Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
Office:   +39.02.23998309
Mobile:   +39.333.4963172
Email:    pierangelo.masarati at sys-net.it

More information about the 389-devel mailing list