Re: Record Locking Proposal

[Jim C <jcllings@tsunamicomm.net>]

Jim C wrote:
> What about creating a semaphore objectclass?
...
> know how we can grant access to "all" if the value is blank or if it is 
> set to a specific value?

I think I can answer this one also now.  When one designs one's scripts, 
one simply makes sure that they agree on what the "blank" dn is.  You 
use that dn to attempt a modify and if it fails you don't get access or 
you write in a loop that waits x number of seconds between retries etc.

Hm.... no wait. maybe we don't even need a changeable dn...

Let's say that per S.O.P. we are keeping the value of the next available 
uidNumber in the database.  Let's say in dn=proxyuser,dc=example,dc=net.

When we do our modify, we maybe can protect against having had the value 
already changed by specifying the retrieved value in the dn for the modify.

/*
Note: This example is in PHP.
Previous search for uidNumber places value in a variable called $number
*/

$booleantest=ldap_mod_replace($ds,"uidNumber=$number,cn=proxyuser,dc=microverse,dc=net", 
$changed_entry);

Assumeing that "uidNumber=$number,cn=proxyuser,dc=microverse,dc=net" is 
proper syntax for an attribute's specific dn AND assumeing that dn 
integrity is enforced by the database and not the function ( none which 
I am sure of ), if uidNumber has been changed the above will fail and 
$booleantest will be false!!

If this or something like it works, it will be a technique by which a 
semantic synanym for semaphoric behaviour can be implemented over many 
machines and by any language that can access LDAP. :):):):)