On Dec 21, 2009, at 8:09 AM, rein@OpenLDAP.org wrote:

Full_Name: Rein Tollevik Version: CVS HEAD OS: Irrelevant URL:=20 Submission from: (NULL) (2a01:600:0:1:21c:23ff:feab:61cd) Submitted by: rein =20 =20 Some of the operational attributes defined in the slapd source are =

hidden from

the clients unless slapd is compiled with LDAP_DEVEL enabled.

Yes, it has long been our practice not to publish schema elements which = are not yet well standardized. This would include any element which = carries a OpenLDAP.666 OID.

The idea being that use of such attributes should be limited to early = adopters and such.

Still, some of these elements are used in the database (as in the authz* and monitor =

related

attributes). This causes my schema-aware application to complain when =

it sees

(or worse tries to modify) these attributes.

=20 A patch that adds a new optional define that can be used to disable =

the schema

hiding without enabling LDAP_DEVEL is coming. A better fix would be =

to not hide

those schema elements that is actually being used..

It may be that the particular schema elements simply shouldn't be behind = LDAP_DEVEL any longer, possibly because a permanent OID has yet to be = assigned to now production code.

=20 Rein =20