[prev in list] [next in list] [prev in thread] [next in thread]
List: openldap-bugs
Subject: Re: (ITS#7795) "manage" access right needs better description
From: michael () stroeder ! com
Date: 2014-01-31 18:22:36
Message-ID: 201401311822.s0VIMapl019153 () boole ! openldap ! org
[Download RAW message or body]
pierangelo.masarati@polimi.it wrote:
> On 01/31/2014 06:44 PM, michael@stroeder.com wrote:
>> pierangelo.masarati@polimi.it wrote:
>>> On 01/31/2014 05:49 PM, quanah@OpenLDAP.org wrote:
>>>> What does administrative access mean?
>>>
>>> It allows write when write is granted and the "relax" control is
>>> present. In practice, those who have "manage" access can perform those
>>> normally "prohibited" operations described in draft-zeilenga-ldap-relax.
>>
>> I wish this explanation would catch all cases.
>>
>> I vaguely remember that before the birth of draft-zeilenga-ldap-relax some
>> (overlays?) misused the Manage DSA IT control for that purpose.
>
> "manageDIT" was renamed to "relax" because it was too similar to
> "manageDSAit".
Yes, I know. I meant it literally mentioning "Manage DSA IT control".
Ciao, Michael.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic