Russ Allbery wrote:
Gavin Henry ghenry@OpenLDAP.org writes:
I'd love to also see, "It would be really helpful if x, y and x was covered".
Ask and you shall receive. It would be really helpful if the slapd.access man page said something more useful than:
The statement set=<pattern> is undocumented yet.
Anything but that. ;)
Sets are still experimental. The only existing doc is in the FAQ. http://www.openldap.org/faq/index.cgi?file=1133
The syntax was recently (just a couple days ago) extended as noted in that FAQ article.
They will likely continue to be experimental for some time yet.
In this particular case, it would help to get out of the experimental phase if someone would write a spec of what sets *should* be able to do. I.e., we've talked about "it would be cool if sets could be combined with regexes" but no one has ever taken the time to define what that would mean.
So, for those of you using sets - why are they useful to you, and in what ways are they still too limited? I personally am concerned that they are too expensive to evaluate; if we could provide similar features using a less general model that would be worth exploring too.