This patch file is derived from OpenLDAP Software. All of the
modifications to OpenLDAP Software represented in the following patch(es)
were developed by Andrew Findlay <andrew.findlay@skills-1st.co.uk>.
I have not assigned rights and/or interest in this work to any party.
I, Andrew Findlay, hereby place the following modifications to OpenLDAP
Software (and only these modifications) into the public domain. Hence,
these modifications may be freely used and/or redistributed for any
purpose with or without attribution and/or other notice.
multival, idlexp, and maxentrysize are all new options as of OpenLDAP 2.5 that were missing from the admin guide. Add these options and additional information beyond what is found in the man pages as appropriate.
Also fixed some discrepencies between the slapd.conf and slapd-config admin guide sections on the Database backends as well as missing information in that section.
ldappasswd is slightly different from a standard passwd workflow in that it
requests an old password, then a new password, then the old password
again. This confuses people who are used to the unix passwd tool as
well as people who use password manager. I've seen quite a few people
who have generated a new password, overwriting the old one, and then
need a password reset because they still need to bind to modify their
password.
This patch adds an option to bind at the beginning of the process so
that you can pass '-E' to ldappasswd and it will bind early in the
process so that the process is the same as the standard passwd. All it
does is run the bind towards the beginning of the process instead of the
end.
The attached patch file is derived from OpenLDAP Software. All of
the modifications to OpenLDAP Software represented in the following
patch(es) were developed by Randall Mason randall@mason.ch. I have not
assigned rights and/or interest in this work to any party.
I, Randall Mason, hereby place the following modifications to
OpenLDAP Software (and only these modifications) into the public domain.
Hence, these modifications may be freely used and/or redistributed for
any purpose with or without attribution and/or other notice.
Some config changes need to be prepared at entry modification time and
then checked/committed at the end. Such a check can fail, so we need to
do this early enough and also commit the opposite change during a revert
step.
The assumption is that the original version is consistent and bconfig
can accurately reconstruct it, so the revert cleanups will not fail and
so all of them get to be run. We set ca->reply.err so that the cleanups
can be made aware and comply with this assumption.
