[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: v2.2.24 structural object class modification not allowed

To: Aleksandar Milivojevic <amilivojevic@pbl.ca>
Subject: Re: v2.2.24 structural object class modification not allowed
From: Michael Ströder <michael@stroeder.com>
Date: Wed, 04 May 2005 19:56:44 +0200
Cc: openldap-software@OpenLDAP.org
In-reply-to: <4278D9BE.4070304@pbl.ca>
References: <4256CBE6.40604@uwm.edu> <4256FC6D.3060407@sys-net.it> <42573649.3000606@curtronics.com> <42576A54.3070403@sys-net.it> <426176AB.9030605@curtronics.com> <42655392.1080908@uwm.edu> <4266A504.3050003@uwm.edu> <4266B983.2070809@uwm.edu> <4269F64A.8000601@uwm.edu> <426A4F4D.8050306@symas.com> <426D01C9.3040702@uwm.edu> <426D0E8B.4050906@symas.com> <426D178C.2070408@uwm.edu> <426D1B56.4080201@symas.com> <426D2386.5040601@uwm.edu> <426DF07E.3040901@curtronics.com> <42714062.4060704@uwm.edu> <6.2.1.2.0.20050428213338.0270e870@mail.openldap.org> <4277C853.6030206@pbl.ca> <42786683.6060103@stroeder.com> <4278D9BE.4070304@pbl.ca>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.7) Gecko/20050414

Aleksandar Milivojevic wrote:
> Michael Ströder wrote:
> 
>> The administrator can simply delete the entry and re-add it with
>> appropriate structural object class chain. This feature is not necessary.
> 
> However, there are some issues with this.  First is
> the downtime.  Second is that dumping/readding entire database would
> probably have more severe impact on performance, then simply adding an
> attribute to existing object.

You should benchmark this before making this statement.

Note that your directory data in production should be compliant to
LDAP/X.500 model anyway to avoid further problems with LDAP apps making
assumption about standard schema. Therefore you only have to sanitize
your data exactly once.

> Even if it needs to be done to the single entry (as opposed to the
> entire database), AFAIK you can't perform an atomic delete/add operation
> on an entry.

This is a poor argument. If you really care about this you could easily
wrap these operations into a transaction within your data sanitizing
program (since you know yourself how to roll back in this case).

Again: You only have to sanitize your data exactly once. If your LDAP
apps continously write broken data into your server get your apps fixed.

> I mostly access LDAP servers through various APIs,

So do I.

Ciao, Michael.

Follow-Ups:
- Re: v2.2.24 structural object class modification not allowed
  - From: Aleksandar Milivojevic <amilivojevic@pbl.ca>

References:
- Re: v2.2.24 structural object class modification not allowed
  - From: Aleksandar Milivojevic <amilivojevic@pbl.ca>
- Re: v2.2.24 structural object class modification not allowed
  - From: Michael Ströder <michael@stroeder.com>
- Re: v2.2.24 structural object class modification not allowed
  - From: Aleksandar Milivojevic <amilivojevic@pbl.ca>

Prev by Date: Re: URI Question
Next by Date: Re: v2.2.24 structural object class modification not allowed
Index(es):
- Chronological
- Thread