Le 20 mars 2012 09:32, Nick Milas nick@eurobjects.com a écrit :
On 20/3/2012 2:32 πμ, Chris Hiestand wrote:
As far as the sysadmin is concerned, slapd.conf allowed multi-line strings for ACLs and schemas. This yielded great readability
Although I also really totally respect project developers and appreciate every single effort for the fine OpenLDAP project, I too believe that there is room for usability improvements in dynamic configuration.
I am mostly using JXplorer for directory edits (including dynamic config), yet there are serious issues with readability and commenting, esp. with ACLs. (One might be interested to see some of my older posts on this matter, e.g.: http://www.openldap.org/lists/openldap-technical/201110/msg00186.html).
Recently, Harry Jede contributed a script to enable better readability (http://www.openldap.org/lists/openldap-technical/201203/msg00191.html), but IMHO this is not the right approach in improving config management. We would greatly appreciate it if the OpenLDAP team could *incorporate* some changes in the dynamic config so as to *help* admins manage the server. Writing custom applications/scripts for this job seems to me a wrong approach; if something causes problems to those exactly for whom it has been designed, then it should be re-evaluated. I am confident that the OpenLDAP people can sense the feelings and experiences of admins providing this feedback. We report with complete trust to the development team.
I don't think writing a custom ldap client is "simple". Or, as David Blank-Edelman requests, perhaps you have some example code showing how simple it is? ...
I'm having trouble imagining this being any more user-friendly than a decent LDAP client like Apache Directory Studio - which still isn't as readable as ACL .conf files.
I will have to agree. We can write applications (I use PHP) for directory management (when necessary, e.g. to facilitate complex tasks), but I would kindly request OpenLDAP design and development team to provide some usability features to help us avoid writing applications for configuration management too.
Hi,
As a complement of Apache Directory Studio, I would like to let you know that we are developing an OpenLDAP cn=config web administration interface : http://www.linid.org/projects/linid-om/wiki
You can download it and test it, we would appreciate any feedback on this product. We are of course aware that we still have a lot a features to implement, but the current stable version is already used by some of our customers to manage OpenLDAP configuration.
Clément.