Re: modrdn: deleteoldrdn question

["Kurt D. Zeilenga" <Kurt@OpenLDAP.org>]

deleteoldrdn applies only to portions of the old RDN which
are not part of the new RDN.  In this case, the value of
deleteoldrdn is irrelevant as the old and new RDN are the
same.  See X.511 for details.

Kurt

At 03:44 AM 3/13/2004, Frank Swasey wrote:
>Background:
>        I've been working with OpenLDAP for about two years now and have
>our main directory working fine.  We are now expanding to do a regular
>feed of LDAP data into Active Directory.  When people change their
>affilations with the University, we move their entry into a new branch
>of the information tree by using a modrdn operation.  The operation is
>one that looks like:
>
>dn: cn=joe,ou=People,dc=example,dc=com
>changetype: modrdn
>newrdn: cn=joe
>deleteoldrdn: 0
>newsuperior: ou=Expired,dc=example,dc=com
>
>This works just fine in OpenLDAP.  However, when I perform the same
>operation against ActiveDirectory, it yells and screams and refuses to
>perform the operation returing a message that deleteoldrdn must be TRUE.
>In fact, it does work and works properly if I change the value of
>deleteoldrdn to 1 (and it also works in OpenLDAP).
>
>Reading RFC2251, I see that the server may refuse to perform if the
>setting of deleteoldrdn would cause an inconsistency in the schema.
>
>Question:
>        I'm left wondering, is OpenLDAP bending the rules a little and
>ActiveDirectory just very strictly following RFC2251 (since it would
>appear that I am violating schema by asking for two identical CN
>values)?
>
>Thanks,
>-- 
>Frank Swasey                    | http://www.uvm.edu/~fcs
>Systems Programmer              | Always remember: You are UNIQUE,
>University of Vermont           |    just like everyone else.
>        === God bless all inhabitants of your planet ===