Re: Duplicate cn entries

[David Smith <DavidSmith@byu.net>]

On Thu, 2003-05-15 at 06:24, Frank Swasey wrote:
> On May 14 at 7:11pm, David Smith wrote:
> 
> > Bart, OpenLDAP correctly refuses. However, when I do an ldap_modify or 
> > an ldap_add that would create duplicate cn entries, OpenLDAP _does_ 
> > perform the modification. Is this correct behavior? Is there a rule with 
> > regard to duplicate entries like this?
> 
> OpenLDAP does NOT ensure that no two entries in have duplicate cn 
> attributes.  The only guarantee is that no two entries will have the 
> same DN.  The following LDIF is perfectly legal and will be accepted by 
> OpenLDAP:
> 
> dn: cn=John Doe,ou=People,dc=example,dc=com
> objectClass: person
> cn: John Doe
> cn: joe
> sn: Doe
> 
> dn: cn=Johnny Doe,ou=People,dc=example,dc=com
> objectClass: person
> cn: Johnny Doe
> cn: joe
> sn: Doe
> 


Yes, I know that. What I was trying to ask was whether OpenLDAP ensures
that no two entries for an attribute can be identical, like so:

dn: cn=Johnny Doe,ou=People,dc=example,dc=com
objectClass: person
cn: joe
cn: joe
sn: Doe

>From my tests, I can get the above to work with ldap_modify and
ldap_mod_add, but _not_ ldap_add. That seems inconsistent to me. What is
the _general_ rule for duplicate, identical entries for one attribute?
Can they exist or not?

--Dave