Hallvard B Furuseth wrote:
Note that people _also_ confuse rootdn with the suffix, since the
is the root of the backend's tree (and is described as that some places,
though I don't remember where at the moment).
Maybe it'd help to instead describe is at the "top" of the database's
I realize this is in no way a "standard", but the use of certain terms
has been the convention within LDAP circles for quite some time. In
this case, suffix ("root"), rootdn, rootpw are not only used by
OpenLDAP, but also by several other vendors, and used in the same
contexts with the same meanings. My argument here is not to "do what
the other guy is doing", but rather if there is something which is
common across a domain why force a change and further confusion?
Maintaining common concepts like this makes for easier acceptance and
migration (not of the server, but of the operator).
That's far from obvious to a number of LDAP beginner who just
to set up LDAP and get it to work. The learning curve is fairy steep,
so many seem to skim the doc a bit too fast.
I agree it can be steep, but there are sufficient "howtos" and quick
start guides (especially when you look at individual products) that I do
not see this as being that critical of a problem. If there is confusion
here on the part of a beginner, then it is either a documentation
problem (possible improvement here) or something that can be quickly
resolved by a few simple searches. Example: first hit off of a Google
search for "openldap quickstart":
If there is confusion, fix it with better documentation, including
possibly tutorial or glossary updates, rather than modifying code. But
then again, what do I know... probably not much.
btw, Hi. I've been lurking for a while and finally decided to post.