[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: "add" and "replace" at the same time?



=> On Fri, 25 Apr 2003 15:19:12 +0200, =?ISO-8859-1?Q?Michael_Str=F6der?= <michael@stroeder.com> said:

> Implement your own customized name-your-favourite-scripting-language-here
> script which accesses both directories via LDAP by using an appropriate LDAP
> module. Avoid messing around with LDIF and the command-line tools for that
> task. You will get better control, performance and error handling with your
> own sync program. It's not that hard to implement such a thing.  (Or ask
> somebody to do it for you...)


I've got something that does this: compares two sources (in this case an LDIF
file and an LDAP server) and puts out the LDIF necessary to transform one to
the other.  

It's kind of like an ldiff diff, which is why I called it diffldiff. :)

I've got one obstacle left to solve 'correctly'; I'm doing the wrong thing
w.r.t. structural objectclasses (as my post a few weeks ago neatly displayed)
but I'm reluctant to solve that ad hoc.

I have thought that I might ask the LDAP server for some schema information,
and attempt to reason which transformations result in changing structural
objectclasses, and for those changes issue add/delete instead of modify.  But
this doesn't help if your're diffing two LDIF files.

So I'm thinking, is it more "wrong" to issue add/deletes anytime objectclass
is modified (and do unnecessary adds and deletes when the change was
nonstructural) or more "wrong" to punt if I don't have an active LDAP server
against which I might make schema queries?

Or should it be an additional requirement of my script that it be supplied
with the correct set of schema files, so that it can arrive at its' own
opinion about what's structural and what's not?

Once I get it beyond this obnoxious inability, I intend to offer it up for
criticism and thrown tomatoes, in the hope it will be of use to someone.

- Allen S. Rout