directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Julia Smith (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (DIR-320) ACL/ACI documentation section missing, filled with TODOs.
Date Tue, 10 Nov 2015 20:25:11 GMT

    [ https://issues.apache.org/jira/browse/DIR-320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14999281#comment-14999281
] 

Julia Smith edited comment on DIR-320 at 11/10/15 8:24 PM:
-----------------------------------------------------------

With no background in ldap, and learning from the ground up, I spent several days piecing
together directory studio documentation in order to actually perform due diligence on apacheDS
and directory studio. Simply put, I am dealing with this scenario: no documentation exists
and I am charged with examining _if_ an ldap server is suitable at all for our purposes.

I spent several days trying to get a workable openldap on windows and then on linux. For the
latter, I finally succeeded in locating a blog that covered installation and setup that was
consistent with the distro and not misinformation. At least now with that server, I can actually
install custom schema, setup a directory and setup acl and see that it works and evaluate
_some_ directory service for use in our products (not desktop). I am up and running, finally,
I have some grip on manipulating an ldap server and I have one can I experiment on.

You got your feedback: openldap (!) is easier to install, configure and eval than apacheDS
+ directory-studio is to install, configure and eval. openldap is "better" in this sense.



was (Author: jsmith@rgb):
With no background in ldap, and learning from the ground up, I spent several days piecing
together directory studio documentation in order to actually perform due diligence on apacheDS
and directory studio. Simply put, if no documentation exists and I am charged with examining
_if_ an ldap server is suitable at all for our purposes.

I spent several days trying to get a workable openldap on windows and then on linux. For the
latter, I finally succeeded in locating a blog that covered installation and setup that was
consistent with the distro and not misinformation. At least now with that server, I can actually
install custom schema, setup a directory and setup acl and see that it works and evaluate
_some_ directory service for use in our products (not desktop). I am up and running, finally,
I have some grip on manipulating an ldap server and I have one can I experiment on.

You got your feedback: openldap (!) is easier to install, configure and eval than apacheDS
+ directory-studio is to install, configure and eval. openldap is "better" in this sense.


> ACL/ACI documentation section missing, filled with TODOs.
> ---------------------------------------------------------
>
>                 Key: DIR-320
>                 URL: https://issues.apache.org/jira/browse/DIR-320
>             Project: Directory
>          Issue Type: Improvement
>          Components: sitedocs
>            Reporter: Julia Smith
>            Assignee: Emmanuel Lecharny
>
> I had to scrounge around on the web to find content for the authorization sections. Your
current release's documentation's chapters are simply filled with "TODO" when it comes to
defining grants/denials, which is a problem for people evaluating studio for use and might
limit its adaptation.
> Here is the version of documentation that actually still presents content. It actually
works with the current version of studio.
> https://directory.apache.org/apacheds/basic-ug/3.2-basic-authorization.html1
> You  might consider incorporating it into the current release's documentation.
> Also there is little or no apparent online discussion of ACI with the exception of a
PDF of what looks like a PPT presentation.
> http://people.apache.org/~ersiner/apachecon-us06/ac-us-06-FR20-ErsinEr-ApacheDS_Access_Control_Administration_The_X.500_Way.pdf



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message