[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: [ldapext] Re: draft-ietf-boreham-numsubordinates-01.txt

To: Ludovic Poitou <ludovic.poitou@Sun.COM>
Subject: Re: [ldapext] Re: draft-ietf-boreham-numsubordinates-01.txt
From: Michael Ströder <michael@stroeder.com>
Date: Tue, 28 Oct 2003 09:25:01 +0100
Cc: John McMeeking <jmcmeek@us.ibm.com>, David Boreham <david@bozemanpass.com>, ldapext@ietf.org
In-reply-to: <3F9D516C.1090203@Sun.COM>
References: <OF3D98EB88.5DA2E5CE-ON86256DC9.004E2E56-86256DC9.004EAE6A@us.ibm.com> <3F9939DB.5070305@Sun.COM> <3F997453.7020507@stroeder.com> <3F9D516C.1090203@Sun.COM>
User-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)

Ludovic Poitou wrote:

Michael Ströder wrote:
Ludovic Poitou wrote: > > John McMeeking wrote: >> >>> Firstly I'm curious as to what `numSubordinates' identifies as being a >>> subordinate? >>> Eg. Is a subentry counted as a subordinate? >> I'd vote for including subentries.

I'd vote for including subentries as well...
Any use-cases for including subentries?
Which are the use-cases for 'numSubordinates'?
The question was whether SubEntries should be counted in the numSubordinate operational attribute.

This question simply can't be answered without looking at possible use-cases for this attribute.

If subentries are counted in the numSubordinate attribute, an entry that has subEntries will have a positive numSubordinate but regular client applications won't see any child entries. Some apps may be confused by this behavior, but this can already happen with ACI.


Yes, this is the same issue like any scenario with ACI/ACLs in effect.

As opposed, not counting SubEntries in the numSubordinate attribute, an application can read the numSubordiante attribute, see its value is 0, delete the entry and get a NON_LEAF error... and be confused....


IMHO

entry is leaf entry
  <=> value of hasSubordinates is 'FALSE'
  <=> value of numSubordinates is '0'

no matter whether you count all sub entries or just the next level.

Examples (please correct me if I got it wrong):

1. Counting all sub entries in numSubordinates:

dc=test,dc=com (numSubordinates: 5)
|
+-ou=Test1 (numSubordinates: 0)
|
+-ou=Test2 (numSubordinates: 3)
  |
  +-cn=Testperson1 (numSubordinates: 0)
  |
  +-cn=Testperson2 (numSubordinates: 1)
    |
    +-mail=test1@test.com (numSubordinates: 0)

2. Counting only one-level in numSubordinates (similar to what's another vendor is doing in an attribute called 'subordinateCount'):

dc=test,dc=com (numSubordinates: 2)
|
+-ou=Test1 (numSubordinates: 0)
|
+-ou=Test2 (numSubordinates: 2)
  |
  +-cn=Testperson1 (numSubordinates: 0)
  |
  +-cn=Testperson2 (numSubordinates: 1)
    |
    +-mail=test1@test.com (numSubordinates: 0)

As you can see in any scenario leaf-entries have numSubordinates set to zero.

Hmm, maybe I don't understand the word "SubEntries" correctly?
Maybe you are talking about sub entries like sub schema sub entry?

Ciao, Michael.


_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext

References:
- Re: [ldapext] Re: draft-ietf-boreham-numsubordinates-01.txt
  - From: John McMeeking <jmcmeek@us.ibm.com>
- Re: [ldapext] Re: draft-ietf-boreham-numsubordinates-01.txt
  - From: Ludovic Poitou <ludovic.poitou@Sun.COM>
- Re: [ldapext] Re: draft-ietf-boreham-numsubordinates-01.txt
  - From: Michael Ströder <michael@stroeder.com>
- Re: [ldapext] Re: draft-ietf-boreham-numsubordinates-01.txt
  - From: Ludovic Poitou <ludovic.poitou@Sun.COM>

Prev by Date: [ldapext] Re: draft-boreham-numsubordinates-01.txt
Next by Date: Re: [ldapext] Re: draft-ietf-boreham-numsubordinates-01.txt
Index(es):
- Chronological
- Thread