Ingo Voss wrote: > > > Am 17.10.2015 um 20:58 schrieb Howard Chu: >> [email protected] wrote: >>> Full_Name: Ingo Voss >>> Version: >>> OS: >>> URL: ftp://ftp.openldap.org/incoming/contrib-slapd-modules-unicodepw.tar >>> Submission from: (NULL) (78.53.86.212) >>> >>> >>> Hello, >>> >>> I wrote a small overlay, that restricts all LDAP modification requests, so >>> that >>> only password changes for MS unicodePwd are possible. >>> All other LDAP requests will not be observed. >>> If someone needs a read-only proxy (in a e.g. dmz) for an MS Active >>> Directory, >>> but password changes must be possible, then unicodepw is the right overlay. >>> For more informations, a manual page is included. >> >> If you want a read-only proxy, shouldn't this overlay also intercept and >> deny all Add/Delete/ModDN requests? >> > > Yes, you are right! But such overlay (denyop) exist already and it is working > well. > The manual page for unicodepw refers to denyop and describes the complete > configuration in detail.
OK. This code is full of C++ comments. OpenLDAP uses C comments only. This code is full of SPACEs for indentation. OpenLDAP uses TAB characters for indentation, with 4-column tab stops. Your debug messages are using STATS debug level. STATS is reserved for LDAP operation/parameter logging only and is the default level. Code should be silent at the default level unless major errors have occurred. This code cannot be accepted in its current form. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
