Mike Jackson wrote: > Jeff Clowser wrote: > >> Note that there are a lot of issues with replicating data between >> dissimilar ldap implementations, and always will be until things like >> access control is standardized. Even if I could replicate my data to >> openldap, it would not honor the fds aci's, which would result in >> unexpected/unwanted results. > > > Good point. OpenLDAP does support ACIs, but it is listed as > experimental, and you have to explicitly enable it at configure time. > > Still, I don't know if the ACI syntax and evaluation algorithms in OL > and FDS are similar or not. It's very different. For one, the ACI syntax is different. For another, AFAIK, the way in-tree ACIs work with OL is that they are stored in the cn=config tree instead of being in the aci operational attribute in the regular tree. > > BR, > -- > mike > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3312 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20050623/637b1058/attachment.bin
