access control pseudo-attributes 'entry'/'children' interfere with attributeType ( <oid> NAME <'entry' or 'children'> ... ). IIRC an old access control internet-draft used [entry] and [children] instead. Should we move to rename them that way? (Poorly timed question I know, should be for 2.5. Just a stray thought I wanted to bring up before I forget.) -- Hallvard