At 03:14 PM 12/7/2006, Quanah Gibson-Mount wrote:
--On Thursday, December 07, 2006 2:27 PM -0800 "Kurt D. Zeilenga" Kurt@OpenLDAP.org wrote:
[moved to devel]
Well, from a data model perspective, the attributes seems to belong to directory system agent, not user applications. Their values do change at the whim of the directory system agent. Also, if they were user applications attributes, they couldn't disallow user modification in their descriptions (modification would have to be denied by other means).
I do note that these attributes really should have usage dSAOperation not directoryOperation.
I think one could argue that in this case, slapd is the user application, and this is the data it is maintaining.
One can argue just about anything...
I also find the marking of them as operational as somewhat misleading.
Hmm.. the attribute are in the DsaIT not the DIT, not in a naming context (and cannot be instantitate in the DIT), take values specific to the DSA, have DSA local names, user changes to them impact DSA behavior (like changes to the log level), and are generally maintained by the DSA. I think it would be misleading not to mark them as operational, and specifically dSAOperation.
For monitoring clients (like all LDAP specific-purpose clients), they really should just ask for the particular monitor attributes they support, possibly using the @objectClass mechanism.
For browsing by humans (generally an administrator), the human can just ask for * and +.
--Quanah
-- Quanah Gibson-Mount Principal Software Developer ITS/Shared Application Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html