Re: cn=config default access control

[Derek Zhou <derek@shannon-data.com>]

On November 17, 2018 7:37:40 AM GMT+08:00, Quanah Gibson-Mount <quanah@symas.com> wrote:
>--On Friday, November 16, 2018 10:11 AM +0800 Derek Zhou 
><derek@shannon-data.com> wrote:
>
>> My argument is why isn't it the default?
>A couple of immediate answers come to mind, there are probably more:
>
>a) OpenLDAP is used on numerous operating systems.  Not all of those 
>operating systems support UNIX sockets.
>
>b) Not everyone configures slapd for use with ldapi
>
I see. But is it the most recommended way to review and edit cn=config on a unix like platform? If so, that should earn itself a spot on the quick start guide. If not, and simple auth is the way, that should be mentioned instead. Been able to edit config on a live system is a great feature, it is a shame that people only read the quick start guide dont know about it.
>Once cn=config is the only way to configure OpenLDAP, such
>documentation 
>will be removed.  However, that won't be occurring in OpenLDAP 2.5,
>which 
>is the next major release, so it is valid for this documentation to
>remain 
>in OpenLDAP master for the time being.
>
you guys are really stingy on version numbers. just an observation. 

derek