Le 20 mars 2012 09:32, Nick Milas <[email protected]> a écrit : > On 20/3/2012 2:32 πμ, Chris Hiestand wrote: > >> As far as the sysadmin is concerned, slapd.conf allowed multi-line strings >> for ACLs and schemas. This yielded great readability > > > Although I also really totally respect project developers and appreciate > every single effort for the fine OpenLDAP project, I too believe that there > is room for usability improvements in dynamic configuration. > > I am mostly using JXplorer for directory edits (including dynamic config), > yet there are serious issues with readability and commenting, esp. with > ACLs. (One might be interested to see some of my older posts on this matter, > e.g.: > http://www.openldap.org/lists/openldap-technical/201110/msg00186.html). > > Recently, Harry Jede contributed a script to enable better readability > (http://www.openldap.org/lists/openldap-technical/201203/msg00191.html), but > IMHO this is not the right approach in improving config management. We would > greatly appreciate it if the OpenLDAP team could *incorporate* some changes > in the dynamic config so as to *help* admins manage the server. Writing > custom applications/scripts for this job seems to me a wrong approach; if > something causes problems to those exactly for whom it has been designed, > then it should be re-evaluated. I am confident that the OpenLDAP people can > sense the feelings and experiences of admins providing this feedback. We > report with complete trust to the development team. > >> I don't think writing a custom ldap client is "simple". Or, as David >> Blank-Edelman requests, perhaps you have some example code showing how >> simple it is? >> ... >> >> I'm having trouble imagining this being any more user-friendly than a >> decent LDAP client like Apache Directory Studio - which still isn't as >> readable as ACL .conf files. > > > I will have to agree. We can write applications (I use PHP) for directory > management (when necessary, e.g. to facilitate complex tasks), but I would > kindly request OpenLDAP design and development team to provide some > usability features to help us avoid writing applications for configuration > management too.
Hi, As a complement of Apache Directory Studio, I would like to let you know that we are developing an OpenLDAP cn=config web administration interface : http://www.linid.org/projects/linid-om/wiki You can download it and test it, we would appreciate any feedback on this product. We are of course aware that we still have a lot a features to implement, but the current stable version is already used by some of our customers to manage OpenLDAP configuration. Clément.
