How do we correct mistakes in the Admin guide?

Latest response

How do we go about correcting mistakes in the Administration Guide?

In Section 12.3.3, It talks about creating the acl for the sync user. However in the examples, it uses aci instead of acl.

After spending a few hours on this, I can verify that "aci" is incorrect.

Responses

You are most welcome to log a bug against the RHDS product "Doc - administration guide" component at https://bugzilla.redhat.com/enter_bug.cgi?product=Red%20Hat%20Directory%20Server or one of us can do it for you. Well-qualified examples like this with a section number and exact old/new correction text are greatly appreciated.

However looking in the 12.3.3 section, I could not find mention of ACL, only ACI:

Jamie,

1st, I did do a little bit of research and found that I perhaps phrased my request incorrectly. I now know more about the Access Control Instructions, and can better describe the problem.

2nd, In my research I have found the same error as far back in the documentation as RHDS 8.2. What really surprises me is that this was not caught before. Or perhaps it was, but was not considered important enough to change.

3rd, Our company does not allow access the the bugzilla through our firewall, so I am unable to submit a bug report.

Here is the full info on the error.

In section 12.3.3, the instructions have this line,

aci: (targetattr="userPassword")(version 3.0;aci "password sync";allow (write,compare) userdn="ldap:///cn=sync user,cn=config";)

Note the line begins with aci, which is correct. However, notice the spot after the Version 3.0. It also uses aci which is NOT correct. Looking at section 13.3.1 which describes the ACI syntax, we get this line.

aci: (target)(version 3.0;acl "name";permissionbind_rules;)

Note that that after the Version info, the word is acl, not another aci. Therefore, the command that is listed as:

aci: (targetattr="userPassword")(version 3.0;aci "password sync";allow (write,compare) userdn="ldap:///cn=sync user,cn=config";)

Should be:

aci: (targetattr="userPassword")(version 3.0;acl "password sync";allow (write,compare) userdn="ldap:///cn=sync user,cn=config";)

It is a subtle difference, but it does make a big difference. The first gives a syntax error and does not allow the Password Sync to update passwords, while the second line works. The first line also generates many hours of troubleshooting and frustration.

Frank

Frank, that's perfect, thank you very much for your efforts here.

Please rest assured we're committed to making the documentation as accurate as possible, we have entire content teams for each product who are dedicated to this goal, there's no way we'd find an issue and not fix it. We usually only fix things in the current version, though sometimes historic changes to old books are also made.

I've logged Red Hat Bug 1426445 - RHDS Admin Guide uses "aci" instead of "acl" in a command to address this in the current book, and I've asked if we would also fix the historic books.

Hello,

thanks for reporting this problem in BZ. I fixed it in the DS 10.1 and 9.1 guides. The 8.x guides are only for reference on the Customer Portal and no longer maintained, because DS 8 is end of life.

You had luck. I planned to republish the DS guides today or at the beginning of next week. This means, the fix will be included. :-)

Regards, Marc