Pierangelo Masarati schrieb:
...
however this would inhibit object creation as well. And the rootdn
would have write permissions anyway.
I don't see any other possibility at the moment.
Thanks a lot, that was the information I needed. I feel guilty, seems
I hadn't read the man page thoroughly enough ;-)
2 ACLs, one with each possible attribute in the attribute line and
the rule that allows to write followed by one without an attribute
line with read permissions?
BTW: is anybody aware of a patch/fix for the upper problem (which
would obviously make my workaround obsolete)?
2.1 is not going to be fixed any more, unless any volunteer comes out
with a fix that can be hosted in the ITS. I'm curious if by any
chance the problem still occurs in 2.2; can you check? and, in case,
would you mind filing an ITS?
I'll check with 2.2 (but probably not before weekend). Right now
moving to 2.2 does not seem to be an option for us, I was just hoping
that there was a fix for 2.1 . The only chance for upgrading the
ldap-master to 2.2 would be if we don't have to upgrade the slaves too
(which probably "should" work I guess, but for production environment
I would prefer to test, not to guess ;-) - we use slurpd replication)