[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Record Locking Proposal

To: Jim C <jcllings@tsunamicomm.net>
Subject: Re: Record Locking Proposal
From: Frank Swasey <Frank.Swasey@uvm.edu>
Date: Fri, 24 Jan 2003 08:44:07 -0500 (EST)
Cc: openldap-software@OpenLDAP.org
In-reply-to: <3E3072F9.1040203@tsunamicomm.net>

If you want to put the uidNumber in the DN, you should look at whatever 
you need to do in PHP to generate a MODRDN call... here's the ldapmodify 
ldif syntax you'd want....

------8<--------8<--------8<--------8<-------8<-------
dn: uidNumber=$number,cn=proxyuser,dc=microverse,dc=net
changetype: modrdn
newrdn: uidNumber=$newnumber
deleteoldrdn: 1
------8<--------8<--------8<--------8<-------8<-------

Have fun... 
F

On Jan 23 at 2:55pm, Jim C wrote:

> Jim C wrote:
> > What about creating a semaphore objectclass?
> ...
> > know how we can grant access to "all" if the value is blank or if it is 
> > set to a specific value?
> 
> I think I can answer this one also now.  When one designs one's scripts, 
> one simply makes sure that they agree on what the "blank" dn is.  You 
> use that dn to attempt a modify and if it fails you don't get access or 
> you write in a loop that waits x number of seconds between retries etc.
> 
> Hm.... no wait. maybe we don't even need a changeable dn...
> 
> Let's say that per S.O.P. we are keeping the value of the next available 
> uidNumber in the database.  Let's say in dn=proxyuser,dc=example,dc=net.
> 
> When we do our modify, we maybe can protect against having had the value 
> already changed by specifying the retrieved value in the dn for the modify.
> 
> /*
> Note: This example is in PHP.
> Previous search for uidNumber places value in a variable called $number
> */
> 
> $booleantest=ldap_mod_replace($ds,"uidNumber=$number,cn=proxyuser,dc=microverse,dc=net", 
> $changed_entry);
> 
> Assumeing that "uidNumber=$number,cn=proxyuser,dc=microverse,dc=net" is 
> proper syntax for an attribute's specific dn AND assumeing that dn 
> integrity is enforced by the database and not the function ( none which 
> I am sure of ), if uidNumber has been changed the above will fail and 
> $booleantest will be false!!
> 
> If this or something like it works, it will be a technique by which a 
> semantic synanym for semaphoric behaviour can be implemented over many 
> machines and by any language that can access LDAP. :):):):)
> 
> 
> 

-- 
Frank Swasey                    | http://www.uvm.edu/~fcs
Systems Programmer              | Always remember: You are UNIQUE,
University of Vermont           |    just like everyone else.
                    === God Bless Us All ===

References:
- Re: Record Locking Proposal
  - From: Jim C <jcllings@tsunamicomm.net>

Prev by Date: displaying LDAP user based ACL information on DSA
Next by Date: Problem trying to get samba working
Index(es):
- Chronological
- Thread