[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#3390) Comments in mutliline directive in slapd.conf are not allowed

To: openldap-its@OpenLDAP.org
Subject: (ITS#3390) Comments in mutliline directive in slapd.conf are not allowed
From: etienne.goyer@videotron.ca
Date: Thu, 11 Nov 2004 15:40:48 GMT

Full_Name: Etienne Goyer
Version: 2.1.19
OS: Fedora Core 2
URL: 
Submission from: (NULL) (199.202.104.154)


Hi,

Not a bug per se, but it might be worth a mention in the documentation. 
Multiline directive, such as access directive often are, cannot contain embedded
comments as it stop evaluation of the directive at that point.  An exemple is
worth a thousand words :

access to attr=userPassword
    by * write
    # by dn=cn=passwordmanager,dc=domain,dc=com write
    by anonymous auth


This directive would make authentication impossible, as the ACL evaluation seem
to stop before the "by anonymous auth" line.

I guess it should be fairly obvious for experienced OpenLDAP admin, but I wasted
a fair amount of time recently pulling my hair about why authentication broke
when I configured ACL.  I guess a little mention in the "OpenLDAP Administrator
Guide" would be appropriate to steer beginning admin such as me.

Thanks !

Prev by Date: (ITS#3389) slapd exiting periodically
Next by Date: Re: (ITS#3390) Comments in mutliline directive in slapd.conf are not allowed
Index(es):
- Chronological
- Thread