Mike Jackson wrote:
Jeff Clowser wrote:Note that there are a lot of issues with replicating data between dissimilar ldap implementations, and always will be until things like access control is standardized. Even if I could replicate my data to openldap, it would not honor the fds aci's, which would result in unexpected/unwanted results.Good point. OpenLDAP does support ACIs, but it is listed as experimental, and you have to explicitly enable it at configure time.Still, I don't know if the ACI syntax and evaluation algorithms in OL and FDS are similar or not.
It's very different. For one, the ACI syntax is different. For another, AFAIK, the way in-tree ACIs work with OL is that they are stored in the cn=config tree instead of being in the aci operational attribute in the regular tree.
BR, -- mike -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
