[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Invalid Add operations allowed (ITS#2243)



>
>>> Could we make the non-BAILOUT behaviour (add RDN attributes
>>> not specified in the entry) a configure- or run-time option?
>>>
>>> Unfortunately we must deal with some clients, such as Active
>>> Directory, that do not always include the RDN attribute in
>>> the entry.
>>
>>Personally, I don't like it; however, it is currently
>>a compile option: #undef BAILOUT in servers/slapd/add.c
>>and you get the desired behavior.  It can be easily turned
>
> I have done that (#undef BAILOUT) for the moment. However we
> would prefer to use an unmodified OpenLDAP tree where possible...

I'm in favour of having both behaviors in the main tree, with
a preference for the BAILOUT case

>
>>into a config option, but I'd consider it confusing and
>>misleading.  Maybe it could be part of the "schemacheck off"
>>option...
>
> How about an undocumented option? :-)

I'd prefer documented options.  Since I understand
there may be need for this "soft" case, and since this would
harmonize with the behavior of existing implementations,
I would not oppose a config option, with default to BAILOUT,
of course.

Ando.

-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it