Re: [389-devel] SSO to 389 Server from 389 Client

Hi, don't forget either to * add on the client workstation the CA certificate that signed the LDAP server certifcate to /etc/openldap/ldap.conf (TLS_CACERT parameter) * or to disable the certificate check: ("TLS_REQCERT never") You can easily test fro the client whethe rit worked or not : ldapse

Re: [389-devel] New Transformation Plugin proposal

Hi Mark, there are already serveral plugins and/or feature requests for generating this sort of virtual attributes ( http://directory.fedoraproject.org/wiki/Roadmap, http://directory.fedoraproject.org/wiki/Wishlist): Virtual DIT/Tree Views CoS + explict scoping(i think it's closest to your idea, m

Re: [389-devel] New Support Tool: dseconv.pl (dse.ldif file parser)

Hi Mark, nice tool. It seems you have hardcoded into the script some default values like config entries in cn=config suffix. Is there a way to do it in a more flexible way. For example, dseconv could take (some) default values from template-dse.ldif, template-*.ldif and if they are not found in th

Re: [389-devel] DN normalisation design document

> > In order to support "Old DN format including DN in the double quotes" > another cn=config switch may be necessary. It seems there was recently a new > switch introduced to make the dn syntax validation a little more "relaxed" - > nsslapd-dn-validate-strict. Maybe this one could be used to allow

[389-devel] DN normalisation design document

Hi Noriko, i've read the design document http://directory.fedoraproject.org/wiki/Upgrade_to_New_DN_Format In order to support "Old DN format including DN in the double quotes" another cn=config switch may be necessary. It seems there was recently a new switch introduced to make the dn syntax vali

Re: [389-devel] Please review: Allow modrdn to move subtree and rename non-leaf node

>> I ran the test suite that covers these functionalities.  So far, I haven't >> seen any breakage.  But I might be missing something important, so your >> reviews would be greatly appreciated. > > I'm pretty sure the referential integrity plug-in will not work for > modrdn operations with a new su

Re: [389-devel] Please review: Allow modrdn to move subtree and rename non-leaf node

Hi Noriko, >  Allow modrdn to move subtree and rename non-leaf node > >    This patch includes > ... I've read your design and implementation guide. It is very detailed and discusses a lot of questions in a rather comprehensive way. A lot of uncertainties i had in the beginning of the document we