[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP 2.1 DN question



Suresh Krishnan (QB/LMC) wrote:

Hi Pierangelo,
	Thank you very much for the answer, but do you know where this requirement comes from? I could not find it in the LDAP RFCs.

RFC2251

3.2:

  ... Entries have names: one or more attribute values
  from the entry form its relative distinguished name (RDN), which MUST
  be unique among all its siblings. ...

4.6:
   ... The Modify Operation cannot be used to remove from an entry any of
  its distinguished values, those values which form the entry's
  relative distinguished name.  An attempt to do so will result in the
  server returning the error notAllowedOnRDN. ...

4.7:
   ... - attributes: the list of attributes that make up the content of the
    entry being added.  Clients MUST include distinguished values
    (those forming the entry's own RDN) in this list, the objectClass
    attribute, and values of any mandatory attributes of the listed
    object classes. ...

and more when talking about modrdn.

p.


Thanks Suresh


-----Original Message----- From: Pierangelo Masarati [mailto:ando@sys-net.it] Sent: Thursday, August 07, 2003 2:53 AM To: Suresh Krishnan (QB/LMC) Cc: openldap-software@OpenLDAP.org Subject: Re: OpenLDAP 2.1 DN question


Suresh Krishnan (QB/LMC) wrote:



Hi Folks,
	I recently migrated from OpenLDAP 2.0x to 2.1. Whenever I try to add an entry of a specific objectclass I get an Invalid DN error

ldap_perror gives
PDK_LDAP_ADD_ENTRY_SYNC:: Invalid DN syntax
      additional info: invalid DN

This code used to work fine with OpenLDAP 2.0x. When I add this specific entry I use a DN whose RDN is not composed of an attribute type of this object class. I think this is what is causing the problem. eg.

objectclass has only attributetypes A,B,C
but my dn is D=3,dc=foo,dc=blah...

Is there a requirement somewhere that D has to be an attribute type for the given object class or is this a bug?




The requirement is a bit different: the attribute types, and the respective values, that are used in an'antry's RDN must be present in the entry as well. As a consequence,

D=3,dc=foo,dc=blah

needs a

D: 3

attribute; note that

D: 4 would be erroneous as well, because "D"
would present, but its value would not match
that in the RDN.

Pierangelo.