Howard Chu wrote:
Michael Ströder wrote:
Why is it not allowed to use
NO-USER-MODIFICATION USAGE dSAOperation
in an attribute type declaration?
Because such an operational attribute requires server-side code to actually implement it, and you haven't got any means to provide that code. Custom operational attributes must be defined using code loaded in a module.
For OATH-LDAP I'd like to define a "virtual" attribute (actually to be processed by back-sock listener) without having to write a slapd overlay.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ This *is* the server-side code!
It somewhat defeats the idea of back-sock or similar if I still have to implement an overlay to simply define appropriate schema (in my case for OATH-LDAP).
IMO it does not any harm to allow .schema files to contain such an attribute type description.
Ciao, Michael.