Michael StrÃder wrote:
Nick Milas wrote:On 2/7/2011 2:53 ÎÎ, Simone Piccardi wrote:I don't think there are comments inside cn=config, and those are very important when you have to document and track tens of different installations.Indeed, it seems that the config schema does not include a "description" (or similar) attribute which can be used freely in any config DIT entries for documentation purposes. If this is truly the case, wouldn't it be advisable to add such support to the config schema? Of course, this means that all objectclass definitions should include: ...MAY (... $ description ) ...While description may help a little bit you cannot add comments for each configuration directive for example ACLs.
We've been discussing this problem for quite a while. My current thinking is that somehow we can use attribute options to help. Visually it might be better to associate the option with the original attribute, e.g.
olcAccess: olcAccess;x-comment:This would require defining a new (and strange) type of attribute option though, since the value with the option has no relation (syntactically) to the original attribute type.
The other alternative is to add a generic description attribute, and tag it with the attribute that a comment refers to:
description;x-olcAccess: blah blah blah This is a lot simpler for us to implement.
Usually, in our DIT (which includes mainly people, mail alias, other accounts, and DNS data) we use single-valued or multi-valued (per entry) "description" attributes (as defined in RFC 4519) which serve very well our documentation needs. These are already included in the objectClasses we use (based on account, person, domain etc. objectClasses ).I also use 'description' quite a lot especially since my web2ldap displays it as bubble help in the browser. But it's not sufficient in this case. Ciao, Michael.
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/