>>> Peter Gietz <[email protected]> schrieb am 09.09.2020 um 17:45 in Nachricht <[email protected]>: > To add to Quanah's right statement: > > Generally operational attributes are those attributes that are managed > by the server and not by the clients, e.g. modifyTimeStamp etc. Since > the server manages memberOf on the fly (based on the client managed > member attribute in group objects) it is IMO rightly marked as operational.
Hi! That is one aspect; the other aspect is "who _uses_ the attribute?". Typically clients don't care about modifyTimeStamp (maybe even they are not allowed to read it), but obviously memberOf is something the client cares about, because it'S essential information. Regards, Ulrich > > Cheers, > > Peter > > > Am 03.09.20 um 17:16 schrieb Quanah Gibson-Mount: >> >> >> --On Thursday, September 3, 2020 9:26 AM +0200 Ulrich Windl >> <[email protected]> wrote: >> >>> I thought operational attributes are mainly for "internal management >>> purposes". Are there any rules what makes an attribute operational? >> >> Depends on the attribute. Most are defined such via RFC. In the case >> of memberOf, there is no RFC, so we match how Microsoft has set the >> attribute, since they originated it. They marked it operational. >> >> Regards, >> Quanah >> >> >> -- >> >> Quanah Gibson-Mount >> Product Architect >> Symas Corporation >> Packaged, certified, and supported LDAP solutions powered by OpenLDAP: >> <http://www.symas.com> > > -- > > Peter Gietz, CEO > > DAASI International GmbH > Europaplatz 3 > D-72072 Tübingen > Germany > > phone: +49 7071 407109-0 > fax: +49 7071 407109-9 > email: [email protected] > web: www.daasi.de > > Sitz der Gesellschaft: Tübingen > Registergericht: Amtsgericht Stuttgart, HRB 382175 > Geschäftsleitung: Peter Gietz
