[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Semantics of LDAP Modify DN operation

To: Nick Zhang <nzhang@best.com>
Subject: Re: Semantics of LDAP Modify DN operation
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.Org>
Date: Tue, 05 Oct 1999 22:20:19 -0700
Cc: ietf-ldapext@netscape.com
In-reply-to: <199910052009.NAA19659@shell8.ba.best.com>
Resent-date: Tue, 05 Oct 1999 22:26:19 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"TwCxKB.A.dI.01t-3"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

At 01:09 PM 10/5/99 -0700, Nick Zhang wrote:
>What is the exact semantics of Modify DN operation?
>Example, assume we have entry for the organization
>named "foo", "o=foo, c=US", we do 
>	ldapmodrdn "o=foo, c=US" "o=bar"
>Then what is the consequence of the operation--what happened
>to all the children of the "o=foo,c=US"?
>
>I can see 4 possibilities:
>1) all got renamed to "cn=employee, o=bar, c=US"
>2) all become orphans--don't know who the parent is, but
>may not may not still be searchable
>3) all become grandparent's childrent
>4) all got removed
5) the operation fails with notAllowedOnNonLeaf

>I know in LDAPv3 this has been made clear with subtree renaming.
>But let's say the Modify DN request does not have the optional
>newSuperior field--therefore, it's LDAPv2, then what should
>we interpret the consequence. There must have been discussions
>about this when LDAPv3 came up.

First, it's a LDAPv2 operation iff an LDAPv2 bind as occurred.
Otherwise, it's an LDAPv3 operation.

In the LDAPv3 case, the subtree should be moved per 2251/4.9.
In the LDAPv2 case, a server may return nonAllowedOnNonLeaf.

Kurt

References:
- Semantics of LDAP Modify DN operation
  - From: Nick Zhang <nzhang@best.com>

Prev by Date: Re: Semantics of LDAP Modify DN operation
Next by Date: Re: A tricky matched values problem
Index(es):
- Chronological
- Thread