mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-21 03:10:25 +08:00
Code Issues Packages Projects Releases Wiki Activity
dba33ec04c
openldap/contrib/slapd-modules/allowed
History
Howard Chu dd9b31cc1d ITS#4730 add makefile
2009-08-26 01:24:38 +00:00
..
allowed.c only add attrs if values are present... 2009-08-18 14:32:02 +00:00
Makefile ITS#4730 add makefile 2009-08-26 01:24:38 +00:00
README s/aa/allowed/; we already ran into the issue of having a run-time loadable overlay whose file differs from the overlay's name... 2009-08-18 11:07:26 +00:00

README 

This directory contains a slapd overlay, "allowed".

    --- o --- o --- o ---

It adds to entries returned by search operations the value of attributes

"allowedAttributes"
	<http://msdn.microsoft.com/en-us/library/ms675217(VS.85).aspx>

"allowedAttributesEffective"
	<http://msdn.microsoft.com/en-us/library/ms675218(VS.85).aspx>

No other use is made of those attributes: they cannot be compared,
they cannot be used in search filters, they cannot be used in ACLs, ...

    --- o --- o --- o ---

Other attributes like

"allowedChildClasses"
	<http://msdn.microsoft.com/en-us/library/ms675219(VS.85).aspx>
"allowedChildClassesEffective"
	<http://msdn.microsoft.com/en-us/library/ms675220(VS.85).aspx>

make little sense within OpenLDAP's slapd right now, since any AUXILIARY
objectClass can be added to an entry, while no STRUCTURAL objectClass can.
This may change when DIT structure rules are implemented, while ACLs may
restrict what AUXILIARY objectClasses can be added to an entry.

    --- o --- o --- o ---

Usage: add to slapd.conf(5)


moduleload	path/to/allowed.so
overlay		allowed

or add

dn: olcOverlay={0}allowed,olcDatabase={1}bdb,cn=config
objectClass: olcOverlayConfig
olcOverlay: {0}allowed

as a child of the database that's intended to support this feature
(replace "olcDatabase={1}bdb,cn=config" with the appropriate parent);
or use

dn: olcOverlay={0}allowed,olcDatabase={-1}frontend,cn=config
objectClass: olcOverlayConfig
olcOverlay: {0}allowed

if it's supposed to be global.

    --- o --- o --- o ---

No Makefile is provided. Use a command line similar to:

gcc -shared -I../../../include -I../../../servers/slapd -Wall -g \
	-o allowed.so allowed.c

to compile this overlay, or even better use OpenLDAP's libtool as appropriate.

---
This work is part of OpenLDAP Software <http://www.openldap.org/>.

Copyright 2006-2009 The OpenLDAP Foundation. All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted only as authorized by the OpenLDAP
Public License.

Redistribution and use in source and binary forms, with or without
modification, are permitted only as authorized by the OpenLDAP
Public License.

A copy of this license is available in the file LICENSE in the
top-level directory of the distribution or, alternatively, at
<http://www.OpenLDAP.org/license.html>.

ACKNOWLEDGEMENTS:
This work was initially developed by Pierangelo Masarati for inclusion in
OpenLDAP Software.