Major Description
Although subtreeSpecification and the Administrative Model in general are really such great facilities, they need to be improved to meet today's directory deployment needs. The subtreeSpecification syntax as defined in RFC3672 allows entry selection based DIT geometry (base, minimum, maximum, chops) and object classes (like faculty, employee) which is called Refinements in X.500.
Nowadays LDAP directories are no longer being designed in a deeply hierarchical manner. They are more flat and the organization is based on attribute values with dynamic filters/groups/roles. So we need to improve the subtreeSpecification syntax to allow regular LDAP filters to be able to select DIT portions/entries according to attribute values.
The proposed extension schemes are discussed in the following cwiki page:
http://cwiki.apache.org/DIRxSRVx11/administrative-model-extensions.html