[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: change in behavior from 1.2.x to 2.x (was "Re: Schemacheck")

To: OpenLDAP-software <OpenLDAP-software@OpenLDAP.org>
Subject: Re: change in behavior from 1.2.x to 2.x (was "Re: Schemacheck")
From: post+openldap@macallister.grass-valley.ca.us
Date: Mon, 04 Jun 2001 00:34:18 -0700
Content-disposition: inline

--On Wednesday, May 23, 2001 8:00 AM +0200 Pierangelo Masarati <pmasarati@bci.it> wrote:

Jason Crickmer wrote:

Isn't this a pretty substantial change from the 1.2 releases?  With
my current level of knowledge of slapd, this 'feature' alone will
prevent us from upgrading from 1.2.9 to 2.0.7.  Is there anything
that can be done at the compilation level (e.g., set a flag, apply a
patch, etc...) to get around this issue?


Consider that setting "schemacheck" to "off" was strongly
discouraged also in OpenLDAP 1.2.X

Why this is a good idea is beyond me. I worked at a software vendor for years that sold an X.500 directory to be able to provide our customers with LDAP client functionality in their SMTP server. The concept of a directory, even X.500, is wonderful for network applications, but the biggest single problem that we had in helping customers install the X.500 directy was helping them define directories that made sense for their organizations. We put up with X.500 until stand alone LDAP servers became viable, and the first LDAP server that we shipped had the ability to turn off schema checking.

This was like night and day in terms of usage of our directory products. Our X.500 directory was used by only a fraction of those that bought it. Our LDAP directory is used by essentially every one that purchased it. Yes, that's right, there are a lot of organizations that purchased an X.500 directory solution and never got it to do any useful work for them.

I understand that one of the ideas is to "protect the integrity" of the directory. But, many, many directory applications have tightly controlled directories that don't need extra protection beyond what is provided by the application itself and certainly can do without the added overhead.

I would be more sympathic to schema checking if I was told it made the coding to support schemacheck off was significant. But, even if this is the case it should be easier to define custom attributes. I just don't need to learn another data defintion language to be able to add an attribute or two. Something like:

  customerAttibute: attribute-name data-type

If an OID is needed for the operation of the server, then generate one. Personally I don't read OID fluently and I would just as soon never see one again. You know, if us Internet types thought that the OID style guide was anything to live by then the DNS would never have been developed.

The disregard for the installed base reminds me of the X.400-1984 to X.400-1988 change. That change essentially killed any chance X.400 had of becoming widely deployed. I thought that LDAP had killed ACAP for email applications, but given this type of "enhancement" to OpenLDAP maybe not.

Bill

Pierangelo.

--
Dr. Pierangelo Masarati    mailto:ando@sys-net.it
Developer, SysNet s.n.c.   http://www.sys-net.it


+---

+-------------------------------------------------
| Bill MacAllister
| 14219 Auburn Road
| Grass Valley, CA 95959
| Phone: 530-272-8555

Prev by Date: I cried
Next by Date: RE: Problems coding password handling in PERL
Index(es):
- Chronological
- Thread