Bogdan Rudas wrote: > I would like to start use of olcAccess rules, are there human-friendly > editor for that ACLs? > I can't even use line breaks in ldif file to make my restrictions a bit > more readable! I strongly dislike very long string values, one day this > will cause mistake and access violation. That's the reason why I still strongly recommend to use static configuration files, especially when setting up slapd via puppet with .erb templates. Last week I had to modify some ACLs in cn=config. It took me much more time to do this than modifying a static configuration. I'm currently playing with 'olcAccess' attribute handling in my web2ldap. It's very cumbersome: Normally web2ldap trys to preserve exactly what's in a LDAP entry when generating the input form for modification so that there won't be any modification if the user did not alter any value but accidently hit the submit button. I could not figure out how to achieve this with all the white-spacing variants olcAccess values can contain because normalizing the values in some way would likely lead to a different value. Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature