[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
modrdn: deleteoldrdn question
Background:
I've been working with OpenLDAP for about two years now and have
our main directory working fine. We are now expanding to do a regular
feed of LDAP data into Active Directory. When people change their
affilations with the University, we move their entry into a new branch
of the information tree by using a modrdn operation. The operation is
one that looks like:
dn: cn=joe,ou=People,dc=example,dc=com
changetype: modrdn
newrdn: cn=joe
deleteoldrdn: 0
newsuperior: ou=Expired,dc=example,dc=com
This works just fine in OpenLDAP. However, when I perform the same
operation against ActiveDirectory, it yells and screams and refuses to
perform the operation returing a message that deleteoldrdn must be TRUE.
In fact, it does work and works properly if I change the value of
deleteoldrdn to 1 (and it also works in OpenLDAP).
Reading RFC2251, I see that the server may refuse to perform if the
setting of deleteoldrdn would cause an inconsistency in the schema.
Question:
I'm left wondering, is OpenLDAP bending the rules a little and
ActiveDirectory just very strictly following RFC2251 (since it would
appear that I am violating schema by asking for two identical CN
values)?
Thanks,
--
Frank Swasey | http://www.uvm.edu/~fcs
Systems Programmer | Always remember: You are UNIQUE,
University of Vermont | just like everyone else.
=== God bless all inhabitants of your planet ===