Hi everyone,
I just switched our servers from slapd.conf to cn=config in slapd.d, and I'm a bit annoyed with my ACLs now. The problem is that olcAccess attributes tend to be somewhat lengthy and I'd really appreciate some newlines in them, but slapd seems to eat those. Is there any way to tell the server to preserve the newlines in attribute values, or maybe use some other character that causes a line break? Of course I might edit the files in /etc/slapd.d, but then the whole cn=config thingy becomes pointless, doesn't it?
greetings, Victor
Victor Mataré matare@lih.rwth-aachen.de writes:
Hi everyone,
I just switched our servers from slapd.conf to cn=config in slapd.d, and I'm a bit annoyed with my ACLs now. The problem is that olcAccess attributes tend to be somewhat lengthy and I'd really appreciate some newlines in them, but slapd seems to eat those. Is there any way to tell the server to preserve the newlines in attribute values, or maybe use some other character that causes a line break? Of course I might edit the files in /etc/slapd.d, but then the whole cn=config thingy becomes pointless, doesn't it?
An access rule is the value of the attribute type olcAccess, thus the rule has to be treated according to value specifications of LDIF (rfc2849).
-Dieter
On 2010.08.31 10.18, Dieter Kluenter wrote:
Victor Matarématare@lih.rwth-aachen.de writes:
Hi everyone,
I just switched our servers from slapd.conf to cn=config in slapd.d, and I'm a bit annoyed with my ACLs now. The problem is that olcAccess attributes tend to be somewhat lengthy and I'd really appreciate some newlines in them, but slapd seems to eat those. Is there any way to tell the server to preserve the newlines in attribute values, or maybe use some other character that causes a line break? Of course I might edit the files in /etc/slapd.d, but then the whole cn=config thingy becomes pointless, doesn't it?
An access rule is the value of the attribute type olcAccess, thus the rule has to be treated according to value specifications of LDIF (rfc2849).
some ldap clients/browsers support different editors for different types of data. for example, in my case, i use apache directory studio quite a bit, and was able to configure it so that when editing olcaccess attributes, it uses it's built in multiline text editor rather than the default inline editor. this allows for some formatting, making things a bit more readable.
obviously this doesn't address readability outside of the browser, and also adds seemingly odd whitespace to someone who doesn't know why it's there, so there is a bit of a trade off. worth it in my opinion though.
-b
-b,
btb@bitrate.net schrieb am 31.08.2010 16:47 Uhr:
some ldap clients/browsers support different editors for different types of data. for example, in my case, i use apache directory studio quite a bit, and was able to configure it so that when editing olcaccess attributes, it uses it's built in multiline text editor rather than the default inline editor. this allows for some formatting, making things a bit more readable.
Can you please explain a bit more in detail how you did that? Thanks!
Marc
On Sep 01, 2010, at 10.14, Marc Patermann wrote:
-b,
btb@bitrate.net schrieb am 31.08.2010 16:47 Uhr:
some ldap clients/browsers support different editors for different types of data. for example, in my case, i use apache directory studio quite a bit, and was able to configure it so that when editing olcaccess attributes, it uses it's built in multiline text editor rather than the default inline editor. this allows for some formatting, making things a bit more readable.
Can you please explain a bit more in detail how you did that? Thanks!
specifically, in apache directory studio, you can do the following:
preferences -> apache directory studio -> ldap browser -> value editors. then, in the "value editors by attribute types", add a new item. if your dit is set up properly, you should be able to choose olcaccess from the list box for "attribute type or oid:", and then select text editor from the "value editor" list box.
once you've saved those settings, double clicking on an olcaccess entry will open the built in text editor instead of using the in place editor.
-ben
ben,
ben thielsen schrieb am 08.09.2010 23:42 Uhr:
On Sep 01, 2010, at 10.14, Marc Patermann wrote:
btb@bitrate.net schrieb am 31.08.2010 16:47 Uhr:
some ldap clients/browsers support different editors for different types of data. for example, in my case, i use apache directory studio quite a bit, and was able to configure it so that when editing olcaccess attributes, it uses it's built in multiline text editor rather than the default inline editor. this allows for some formatting, making things a bit more readable.
Can you please explain a bit more in detail how you did that?
specifically, in apache directory studio, you can do the following:
preferences -> apache directory studio -> ldap browser -> value editors. then, in the "value editors by attribute types", add a new item. if your dit is set up properly, you should be able to choose olcaccess from the list box for "attribute type or oid:", and then select text editor from the "value editor" list box.
once you've saved those settings, double clicking on an olcaccess entry will open the built in text editor instead of using the in place editor.
Thanks, I found it. BTW it is in the context menu, too. If it is needed only now and then.
Thanks
Marc
openldap-technical@openldap.org