Mike Jackson wrote:
Jeff Clowser wrote:
> Note that there are a lot of issues with replicating data between
> dissimilar ldap implementations, and always will be until things like
> access control is standardized. Even if I could replicate my data to
> openldap, it would not honor the fds aci's, which would result in
> unexpected/unwanted results.
Good point. OpenLDAP does support ACIs, but it is listed as
experimental, and you have to explicitly enable it at configure time.
Still, I don't know if the ACI syntax and evaluation algorithms in OL
and FDS are similar or not.
It's very different. For one, the ACI syntax is different. For
another, AFAIK, the way in-tree ACIs work with OL is that they are
stored in the cn=config tree instead of being in the aci operational
attribute in the regular tree.
BR,
--
mike
--
Fedora-directory-users mailing list
Fedora-directory-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users