Kurt D. Zeilenga writes:
How about ;lang-x-hidden and some ACLs? No coding required.
Hm? It isn't a language. Sounds like an abuse of "lang".
Besides, I just finished coding user-defined attribute options: Since I thought I'd have to implement a new option anyway, I could just as well generalize. (They cannot be specified in slapd.conf "index" statements, though.)
ACLs: Good idea. This now gives the effect I want:
attributeoption x-hidden access to cn;x-hidden,sn;x-hidden,givenName;x-hidden,ou;x-hidden by * search
The ACL gets a bit cumbersome if many attributes use x-hidden, but I guess I might leave it at that.
What about
access to attrs=;x-hidden by * s -r
that is, allow ACLs to consider attribute name extensions?
Ando.
-- Dr. Pierangelo Masarati mailto:pierangelo.masarati@sys-net.it LDAP Architect, SysNet s.n.c. http://www.sys-net.it
----------------------------------------------------------------------------- The receiver of this message is required to check if he/she has received it erroneously. If so, the receiver is requested to immediately inform the sender and - in consideration of the responsibilities arising from undue use and/or disclosure of the message and/or the information contained therein - destroy the original message and any copy or printout thereof. -----------------------------------------------------------------------------