[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ldapmodify/LDIF problem.
At 03:45 PM 7/8/99 +0100, Martin Evans wrote:
>Hello all,
>
>We may have discovered a bug with the the interpretation of the
>changetype replace mode of the LDIF file format used by the ldapmodify
>command line tool. And would like some advice.
>
>The problem is illustrated by the with following LDIF:
>
>dn: cn=A Person, ou=my dept, o=The College, c=GB
>changetype: modify
>replace: mail
>-
>
>The book `LDAP - Programming Directory-Enabled Applications with
>Lightweight Directory Access Protocol' (Howes & Smith, MacMillan
>1997) claims that if the "replace: mail" line is not followed by any
>attribute lines (e.g. mail: m.person@college.ac.uk). It is meant to
>delete any mail attribute in the directory entry and not generate an
>error if they do not exist. It does not do so - in fact it does not
>change the entry or generate an error.
>
>We dont want to use the delete: method as this generates an error if the
>attribute is not in the entry.
>
>Is the books interpretation of LDIF correct?
Well, it's "correct" in regards to Netscape LDIF. U-Mich LDIF
(which OpenLDAP implements) requires that a "replace:" directive
be followed by something to replace.
>Is there a current LDIF specification (RFC?) available
>(preferably on the web - for free).
There is a draft specification for LDIF authored by Gordon Good.
http://search.ietf.org/internet-drafts/draft-good-ldap-ldif-04.txt
Until such time that an standard-track RFC is published (and implemented),
each vendor will likely have their quirks. However, most should accept
U-Mich LDIF. See ldif(5) and slapd.replog(5) for a specification
of U-Mich LDIF.
We have an effort to upgrade our LDIF support to LDIF2. I would
prefer to discuss your patch in this context.
>I've modified a local version of the ldapmodify.c from the 1.2.3
>distribution to impliment this behavior as it is useful to our LDAP
>implimentation. However, the only way I could prevent `Constraint
>voliation' errors being returned was to replace and delete a null the
>attribute from entry. e.g. When no replace: attribute lines have been
>read in I call
>
> addmodifyop( &pmods, LDAP_MOD_REPLACE, value, NULL,0 );
> addmodifyop( &pmods, LDAP_MOD_DELETE, value, NULL,0 );
>
>Your opinions would be apreciated.
I need to consider the semantical difference of:
dn: cn=A Person, ou=my dept, o=The College, c=GB
changetype: modify
replace: mail
-
versus:
dn: cn=A Person, ou=my dept, o=The College, c=GB
changetype: modify
delete: mail
-
before commenting on the your code changes.