[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: NOOP and case change renames

To: Andrew Bartlett <abartlet@samba.org>
Subject: Re: NOOP and case change renames
From: Howard Chu <hyc@symas.com>
Date: Wed, 09 Jan 2008 18:37:07 -0800
Cc: Pierangelo Masarati <ando@sys-net.it>, openldap-technical@openldap.org
In-reply-to: <1199930025.3304.43.camel@naomi>
References: <1199930025.3304.43.camel@naomi>
User-agent: Mozilla/5.0 (X11; U; Linux i686; rv:1.9b3pre) Gecko/2008010217 SeaMonkey/2.0a1pre

Andrew Bartlett wrote:

I'm up against my next challenge in the great challenge of Samba4 and
OpenLDAP.

As metioned on openldap-devel, I've hit up against renaming DNs onto
themselves.

For example, I previously mentioned
cn=ldaptestuser2,cn=users,DC=samba,DC=example,DC=com into
cn=ldaptestuser3,cn=users,DC=samba,DC=example,DC=com

This should become:

dn: cn=ldaptestuser2,cn=users,DC=samba,DC=example,DC=com
changetype: modrdn
newrdn: cn=ldaptestuser2
deleteoldrdn: 1

There appears to be a typo somewhere in your example, but I can't tell if you meant ldaptestuser3 or ldaptestuser2.

RFC 4511 states that a modify DN operation must fail with the
entryAlreadyExists result code if there was already an entry with that
name.  However, a broad interpretation would recognize that such a
modify DN operation is going to be a no-op and simply ignore it.  The
specific case doesn't seem to be explicitly dealt with in RFC 4511.


I've written a module to cause this to never reach the DB, but my next
test (which AD also permits) is:

cn=ldaptestuser3,cn=users,DC=samba,DC=example,DC=com into
cn=ldaptestUSER3,cn=users,DC=samba,DC=example,DC=com

So it seems I need some backend help.  Is there another way I should be
handling case changes in a DN, or could/should the DB be modified to
allow these operations?

'way back I recall explicitly allowing this case, but the current backend code doesn't. I think it's worth filing an ITS for this.

As for renaming an entry to exactly the same DN, I could go either way. If we ignore it and silently return success, it will still generate replication traffic, which may or may not be desired.

(These tests arose because a user tried to do exactly this from the
windows management tools, and we also failed to allow it in ldb).

Thanks,

Andrew Bartlett

--
  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP     http://www.openldap.org/project/

Follow-Ups:
- Re: NOOP and case change renames
  - From: Andrew Bartlett <abartlet@samba.org>

References:
- NOOP and case change renames
  - From: Andrew Bartlett <abartlet@samba.org>

Prev by Date: NOOP and case change renames
Next by Date: Re: NOOP and case change renames
Index(es):
- Chronological
- Thread