RE: Why is LDAP so complex?

[Tony Bibbs <tony@tonybibbs.com>]

How is it better?  Let's say you mess up your LDIF file.  Have you seen
the wonderful messages ldapadd gives you when your LDIF is bad?  What I
was suggesting as an intepreted LDAP language would be able to spit out
more useful debug messages instead of the crap that ldapadd -d -1 spits
out.

Also, I think such an interpreted language could be built in addition to
the standard LDAP tools (not as a replacement).  That way you have a way
for newbies to get up to speed with LDAP and actually use it yet have
the power LDAP tools for more complex needs.  Not to mention it would be
a great learning tool for newbies to examine the LDAP syntax spit out by
the interpreted language.

Keep in mind I'm not an LDAP hater.  I just think it would be more
widely used if it could be simplified.  That's all.

--Tony 

On Thu, 2002-01-10 at 15:38, Justin Hahn wrote:
> > $myentry1 = New LDAP_ENTRY("example.com");
> > $myentry1.InheritClass("dcObject");
> > $myentry1.InheritClass("organization");
> > $myentry1.o = "Example Company";
> > $myentry1.dc ="example";
> > $myentry1.add();
> > 
> > $myentry2 = New LDAP_ENTRY("manager.example.com");
> > $myentry2.InheritClass("organizationalRole");
> > $myentry2.cn = "Manager";
> > $myentry2.add();
> 
> How is this any better than LDIF? Using ldapmodify and LDIF you can do
> pretty much exactly this, and LDIF is more readable.
> 
> Just do
> 
> cat <<EOF | ldapmodify -x -D <bind dn> -h <ldap server> -W -ZZ
> dn: dc=example,dc=com
> changetype: add
> objectClass: dcObject
> objectClass: organization
> o: example company
> dc: example
> 
> dn: cn=manager,dc=example,dc=com
> changetype: add
> objectclass: organizationalrole
> cn: manager
> EOF
> 
> In fact, using proper LDIF, I can do far more sophisticated operations than
> the above. (changetype modify is extremely powerful...)
> 
> --jeh
> 
> 
>