hyc(a)symas.com writes:
>>> monitorContext, readOnly and the olc* attributes are defined by OpenLDAP
>>> (their OIDs start with 1.3.6.1.4.1.4203) and can be modified if we feel
>>> like it. Personally I prefer attrs to have the matching rules they can
>>> have unless there is a reason not to, but I didn't write these modules
>>> so I don't know if there _is_ a reason not to.
>
> For the config attributes, I just assumed no one needs to search on
> them (so no filter capability needed) and for single-valued
> attributes, there's no need to consider modifies...
Oh, good. No reason not to add matching rules then:-)
I search for one config attrs or another once in a while. Mostly for
olcSuffix and with presence filters, but it'd be nice if e.g.
(olcAccess:caseIgnoreSubstringsMatch:=*userPassword*) worked. Also some
day I'll want to use assertion controls as a check on modify operations
someday.
Still, I'm not proposing to add more work than necessary to this ITS.
Get it right first, then think of "nice to have"-features if/when anyone
bothers.
--
Hallvard