[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: back-sql insert: entry at root denied

To: Brad Midgley <bmidgley@xmission.com>
Subject: Re: back-sql insert: entry at root denied
From: Pierangelo Masarati <ando@sys-net.it>
Date: Sun, 03 Oct 2004 21:15:32 +0200
Cc: openldap-software@OpenLDAP.org
References: <4159A108.7010304@xmission.com> <63655.81.72.89.40.1096396857.squirrel@81.72.89.40> <4159C3AF.1090500@xmission.com> <4159CF44.6040700@sys-net.it> <4159DA32.1090501@sys-net.it>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20021003

Pierangelo Masarati wrote:

Another approach I'm considering, based on the usage many people I assume are doing of back-sql, is to provide a "fake" in-memory suffix entry, with the rest of the database being flat and based on a single view for the rest of the entries. Something much like the good old back-passwd...
I'll put this on the "short back-sql todo list" for view users... in the meanwhile, I suggest not to use HEAD code, or subtree searches with nonexisting baseobject will fail.

This is now in HEAD; read slapd-sql(5) for details on how to set up the baseObject so that it doesn't need to be actually stored in the database. Make sure the view sets each entry's parent to 0. The allow_orphans is no longer required (I might remove it at some point) but everything now likely needs to be rooted at the baseObject.

p.

   SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497

Follow-Ups:
- Re: back-sql insert: entry at root denied
  - From: Adam Tauno Williams <adam@morrison-ind.com>

Prev by Date: Re: ACL problem posixgroup/groupofnames
Next by Date: Re: ACL problem posixgroup/groupofnames
Index(es):
- Chronological
- Thread