Antw: Re: Need Schema for aci attribute

["Ulrich Windl" <Ulrich.Windl@rz.uni-regensburg.de>]

>>> Mike Jackson <mj@netauth.com> schrieb am 15.05.2014 um 20:35 in Nachricht
<20140515213556.Horde.wkpVZ5iF1hLX6CSzSDPdMQ3@mail.netauth.com>:

> Quoting Howard Chu <hyc@symas.com>:
> 
>> Mike Jackson wrote:
>>>
>>> Quoting Dieter KlÃnter <dieter@dkluenter.de>:
>>>>
>>>> The attribute type is openLDAPaci. The model is based on
>>>> http://tools.ietf.org/html/draft-ietf-ldapext-acl-model-08 
>>>>
>>>
>>> Does this FAQ-O-Matic still represent the current situation regarding
>>> the semantics and not recommended for general use?
>>
>> Yes.
>>>
> 
> OK, thanks for clarification from both you, Howard, and Dieter. I like  
> in-tree ACIs for the reason that they are replicated without too much  
> concern. OTOH, the olcAccess semantics are very powerful compared to  
> the SUN/Netscape semantics.
> 
> The key thing I desire, I suppose, is replicated schema and ACI, but  
> not some/most of the other parts of cn=config. I, like the previous  
> poster today, would like to be able to dynamically adjust logging  
> levels on a per-server basis while replicating other matters of  
> policy. I think it just means a bit more work on the syncrepl access  
> control. Small price to pay for such power, and don't require much  
> touching after initial config anyway, IMO.

A spontaneous idea would be to extend the logging level in cn=config, maybe by
adding the Server ID to make it specific to a server (connection)

> 
> -mike