[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: v2.2.24 structural object class modification not allowed



Aleksandar Milivojevic wrote:
> Michael Ströder wrote:
> 
>> The administrator can simply delete the entry and re-add it with
>> appropriate structural object class chain. This feature is not necessary.
> 
> However, there are some issues with this.  First is
> the downtime.  Second is that dumping/readding entire database would
> probably have more severe impact on performance, then simply adding an
> attribute to existing object.

You should benchmark this before making this statement.

Note that your directory data in production should be compliant to
LDAP/X.500 model anyway to avoid further problems with LDAP apps making
assumption about standard schema. Therefore you only have to sanitize
your data exactly once.

> Even if it needs to be done to the single entry (as opposed to the
> entire database), AFAIK you can't perform an atomic delete/add operation
> on an entry.

This is a poor argument. If you really care about this you could easily
wrap these operations into a transaction within your data sanitizing
program (since you know yourself how to roll back in this case).

Again: You only have to sanitize your data exactly once. If your LDAP
apps continously write broken data into your server get your apps fixed.

> I mostly access LDAP servers through various APIs,

So do I.

Ciao, Michael.