I have no objection at accepting this code, since it seems to create no backwards compatibility issues but rather solves a (irrelevant?) compatibility issue with an ancient version of the code in an area that I believe to be of questionable usefulness.

At least it had help me by upgrading a bunch of servers from 2.1 which used this feature.

In fact, ACIs have been deprecated ever since, so I wouldn't spend too much time with them. If there's no IPR issues (as, for what I can tell, there appear to be none), I'd try to apply the patch to HEAD code.

Thanks.

We use ACI, because we have a setup where we replicate different parts of the tree to different slave ldap servers. By using ACI's the access information get's replicated too. To get the same behaviour with ACL's it would be much more compilcated, because we would need to sort out which ACL's to replicate and which not, because not simply subtrees are replicated (we cannot simply replicate all ACL's because this would leak too much informations).

From this point of view ACI are quite usefull, at least for us.

Gerald

** Virus checked by BB-5000 Mailfilter **