On Tue, May 06, 2025 at 12:26:52PM +0000, Windl, Ulrich wrote: > Hi! > > Oh well, > the typical (data) administrator is using some frontend that just > shows objects' attributes, and it may not be quite obvious which ones > are "virtual": After all they (e.g. pwdPolicySubentry) are stored > permanently in the database (and they are synced, fortunately).
Hi, if they are this likely to shoot themselves in the foot, it is prudent of you as the system administrator to set up internal documentation and/or access control so that they are not going to. I'm afraid that's the only advice I can give you, it is impossible for the code to anticipate every eventuality. Regards, -- Ondřej Kuzník Senior Software Engineer Symas Corporation http://www.symas.com Packaged, certified, and supported LDAP solutions powered by OpenLDAP
