Andrew Findlay wrote:
> If I force the name of the policy into pwdPolicySubentry then it does take effect, but that is not the point: the subentry should set this attribute automatically.
> The problem may be that the root of the subtree is not marked as an administration point: OpenLDAP 2.3.39 knows about the administrativeRole attribute but seems to have 'not implemented' hard-wired into the result code.
> Are subentries expected to work, or am I mis-reading something here?
Nope, that functionality is not implemented. Currently the only approach is to set explicit values in the pwdPolicySubentry attribute of various entries.
The alternative is to extend the collect.c overlay for this purpose.
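
The explicit-value approach described in the reply, as an added example that is not part of the original thread or of OpenLDAP: it generates LDIF modify records that set pwdPolicySubentry on each entry under a subtree, for loading with ldapmodify. All DNs are constructed samples, the function names are hypothetical, and the DN comparison is simplified (it assumes no escaped commas).

```python
import base64

def ldif_line(attr, value):
    """Format one LDIF line; base64-encode values that are not RFC 2849 SAFE-STRINGs."""
    raw = value.encode("utf-8")
    safe = (
        len(raw) > 0
        and raw[0] not in b" :<"          # forbidden leading characters
        and not raw.endswith(b" ")        # a trailing space would be lost
        and all(b < 128 and b not in (0, 10, 13) for b in raw)
    )
    if safe:
        return f"{attr}: {value}"
    return f"{attr}:: {base64.b64encode(raw).decode('ascii')}"

def _norm(dn):
    # Simplified comparison (assumption): case-insensitive, ignores spaces
    # around commas, does not handle escaped commas inside RDN values.
    return ",".join(part.strip().lower() for part in dn.split(","))

def in_subtree(dn, base_dn):
    d, b = _norm(dn), _norm(base_dn)
    return d == b or d.endswith("," + b)

def policy_ldif(entry_dns, policy_dn, base_dn):
    """Return LDIF that points every entry under base_dn at policy_dn."""
    records = []
    for dn in entry_dns:
        if not in_subtree(dn, base_dn):
            continue  # stay inside the subtree the policy is meant to cover
        records.append("\n".join([
            ldif_line("dn", dn),
            "changetype: modify",
            "replace: pwdPolicySubentry",
            ldif_line("pwdPolicySubentry", policy_dn),
            "-",
        ]))
    return "\n\n".join(records) + "\n"

# Constructed sample data, not taken from the thread.
SAMPLE_DNS = [
    "uid=alice,ou=People,dc=example,dc=com",
    "uid=rené,ou=People,dc=example,dc=com",    # non-ASCII DN, emitted as base64
    "uid=backup,ou=Services,dc=example,dc=com", # outside the target subtree
]
POLICY_DN = "cn=default,ou=Policies,dc=example,dc=com"

if __name__ == "__main__":
    print(policy_ldif(SAMPLE_DNS, POLICY_DN, "ou=People,dc=example,dc=com"), end="")
```

Entries created later do not pick up the value on their own, so the generator has to be rerun (or the attribute set at provisioning time) for new accounts.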