[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: v2.2.24 structural object class modification not allowed
- To: Aleksandar Milivojevic <amilivojevic@pbl.ca>
- Subject: Re: v2.2.24 structural object class modification not allowed
- From: Michael Ströder <michael@stroeder.com>
- Date: Wed, 04 May 2005 19:56:44 +0200
- Cc: openldap-software@OpenLDAP.org
- In-reply-to: <4278D9BE.4070304@pbl.ca>
- References: <4256CBE6.40604@uwm.edu> <4256FC6D.3060407@sys-net.it> <42573649.3000606@curtronics.com> <42576A54.3070403@sys-net.it> <426176AB.9030605@curtronics.com> <42655392.1080908@uwm.edu> <4266A504.3050003@uwm.edu> <4266B983.2070809@uwm.edu> <4269F64A.8000601@uwm.edu> <426A4F4D.8050306@symas.com> <426D01C9.3040702@uwm.edu> <426D0E8B.4050906@symas.com> <426D178C.2070408@uwm.edu> <426D1B56.4080201@symas.com> <426D2386.5040601@uwm.edu> <426DF07E.3040901@curtronics.com> <42714062.4060704@uwm.edu> <6.2.1.2.0.20050428213338.0270e870@mail.openldap.org> <4277C853.6030206@pbl.ca> <42786683.6060103@stroeder.com> <4278D9BE.4070304@pbl.ca>
- User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.7) Gecko/20050414
Aleksandar Milivojevic wrote:
> Michael Ströder wrote:
>
>> The administrator can simply delete the entry and re-add it with
>> appropriate structural object class chain. This feature is not necessary.
>
> However, there are some issues with this. First is
> the downtime. Second is that dumping/readding entire database would
> probably have more severe impact on performance, then simply adding an
> attribute to existing object.
You should benchmark this before making this statement.
Note that your directory data in production should be compliant to
LDAP/X.500 model anyway to avoid further problems with LDAP apps making
assumption about standard schema. Therefore you only have to sanitize
your data exactly once.
> Even if it needs to be done to the single entry (as opposed to the
> entire database), AFAIK you can't perform an atomic delete/add operation
> on an entry.
This is a poor argument. If you really care about this you could easily
wrap these operations into a transaction within your data sanitizing
program (since you know yourself how to roll back in this case).
Again: You only have to sanitize your data exactly once. If your LDAP
apps continously write broken data into your server get your apps fixed.
> I mostly access LDAP servers through various APIs,
So do I.
Ciao, Michael.