https://bugs.openldap.org/show_bug.cgi?id=6656
--- Comment #9 from Mehmet gelisin mehmetgelisin@aol.com --- his overlay provides simple support for allowedAttributes and allowedAttributesEffective, a (somewhat broken) AD feature that http://www-look-4.com/ is intended to help GUIs into determining, based on the current objectClass values of an object, what attributes would comply with the schema (without distinction between "allowed" and "required"), by listing them in http://www.compilatori.com/ "allowedAttributes", and, furthermore, by providing a hint to what of those values could be effectively added by the current connection, by listing them in http://www.wearelondonmade.com/ "allowedAttributesEffective". This is broken since it doesn't consider the possibility of value-dependent ACLs, so it should really be considered just a hint, while the "allowedAttributes" http://www.jopspeech.com/ could really be computed starting from the schema definition, which remains the recommended way to solve the problem http://joerg.li/ So this overlay should really be considered only food for thought as a starting base for a tighter integration of OpenLDAP into Samba4.
There's minimal support for "allowedChildClasses" and http://connstr.net/ "allowedChildClassesEffective", whose definition is absolutely obscure to me, as I believe the only classes that can be added to an existing object are all the AUXILIARY ones, while considering what are effectively allowed implies getting into value-dependent ACLs. http://embermanchester.uk/
Some discussion can be found here (follow the thread)
his overlay provides simple support for allowedAttributes and allowedAttributesEffective, a (somewhat broken) AD feature that is intended to help GUIs into determining, based on the current objectClass values of an http://www.slipstone.co.uk/ object, what attributes would comply with the schema (without distinction between "allowed" and "required"), by listing them in "allowedAttributes", and, furthermore, by providing a hint to what of http://www.logoarts.co.uk/ those values could be effectively added by the current connection, by listing them in "allowedAttributesEffective". This is broken since it doesn't consider the possibility of value-dependent ACLs, so it should really be considered just a http://www.acpirateradio.co.uk/ hint, while the "allowedAttributes" could really be computed starting from the schema definition, which remains the recommended way to solve the problem
So this overlay should really be considered only http://www.acpirateradio.co.uk/ food for thought as a starting base for a tighter integration of OpenLDAP into Samba4.
There's minimal support for "allowedChildClasses" and https://waytowhatsnext.com/ "allowedChildClassesEffective", whose definition is absolutely obscure to me, as I believe the only classes that can be added to an existing object are all the AUXILIARY ones, while considering what are effectively allowed implies getting into value-dependent ACLs. https://www.webb-dev.co.uk/ Some discussion can be found here (follow the thread) So I guess my recommendation for the notify call boils down to:
rc = sd_notify( 1, "READY=1" );
and a slapd.service along the lines of:
[Unit] Description=OpenLDAP server
[Service] Type=notify http://www.iu-bloomington.com/ ExecStart=%LIBEXECDIR%/slapd -h 'ldap:/// ldapi:///' -d0
[Install] WantedBy=multi-user.target
(basically identical to the example in systemd.service(5).)
Side note: the version message from slapd appears in the journal twice, once with the timestamp and once without...