Hallvard B Furuseth wrote:
Note that people _also_ confuse rootdn with the suffix, since the suffix is the root of the backend's tree (and is described as that some places, though I don't remember where at the moment).
Maybe it'd help to instead describe is at the "top" of the database's LDAP tree.
ldapadmin-dn, ldapadmin-pw?
I realize this is in no way a "standard", but the use of certain terms has been the convention within LDAP circles for quite some time. In this case, suffix ("root"), rootdn, rootpw are not only used by OpenLDAP, but also by several other vendors, and used in the same contexts with the same meanings. My argument here is not to "do what the other guy is doing", but rather if there is something which is common across a domain why force a change and further confusion? Maintaining common concepts like this makes for easier acceptance and migration (not of the server, but of the operator).
That's far from obvious to a number of LDAP beginner who just wants to set up LDAP and get it to work. The learning curve is fairy steep, so many seem to skim the doc a bit too fast.
I agree it can be steep, but there are sufficient "howtos" and quick start guides (especially when you look at individual products) that I do not see this as being that critical of a problem. If there is confusion here on the part of a beginner, then it is either a documentation problem (possible improvement here) or something that can be quickly resolved by a few simple searches. Example: first hit off of a Google search for "openldap quickstart": http://www.openldap.org/doc/admin23/quickstart.html
If there is confusion, fix it with better documentation, including possibly tutorial or glossary updates, rather than modifying code. But then again, what do I know... probably not much.
chris btw, Hi. I've been lurking for a while and finally decided to post.