[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: commit: ldap/servers/slapd add.c

At 09:02 AM 1/29/2003, Pierangelo Masarati wrote:

>> ando@OpenLDAP.org writes:
>>> check for RDN attrs/vals when adding an entry (ITS#2243;
>> Can I still add an alias (with back-ldbm) with e.g. 'ou' in the RDN,
>> even though the alias object class does not allow 'ou'?
>Not now; I'm fixing it for other special cases
>like referral, extensibleObject.  What about
>subentry stuff, though?

There really shouldn't be any special cases here.  The AVAs of
the RDN should be picked from values of attributes of the entry.
Attributes of entries must be allowed per the user and/or
system schema.

For referrals, the practice is to add extensibleObject to the
entry's objectClass attribute to allow the naming attribute to
be present.  See RFC 3296.

For aliases, there are two practices.  One is to use extensibleObject
much like is done for referrals.  Another is to subclass alias
and have that subclass allow the naming attribute.  OpenLDAP 2.1
doesn't currently support the latter.  Another approach is to use
DIT Content Rules...

>>> need to
>>> choose whether to bail out or to add the RDN attr/vals to the entry;
>> Bail out.
>Yes, it's the default now
>>> FIXME: is constraintViolation a reasonable error?
>> Not sure.  That or Or namingViolation or objectClassViolation.
>Kurt suggests noSuchAttribute.
>Pierangelo Masarati