Re: strict ldif check

1 writes:
> Let's consider ldap add operation. According to RFC4511 (...)
>    - attributes: (...) Clients MAY or
>      MAY NOT include the RDN attribute(s) in this list.
> (...)
> dn: uid=test,dc=edu,dc=ru
> objectClass: testClass
> while testClass classifies uid as a MAY attribute
> is correct. Ain't I wrong? Though if you try to do it via OpenLDAP you get 
> "Naming violation. Naming attribute uid is not present in entry."

The error message is not about the requirement that an entry must have
all 'MUST'-attributes in its object classes.  It's about the requirement
that all the attributes in the RDN *also* must be present.

In RFC 2251 (the previous revision of LDAPv3), the client had to ensure
the latter: The "MAY or MAY NOT include..." you quoted was "MUST
include".  In RFC 4511, that has become the server's job.

> Does OpenLDAP really violate the RFC here?

Not RFC 2251:-)
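
The naming check discussed in this thread, as an added example that is not part of the original messages and is not OpenLDAP's code: it extracts the attribute/value pairs of an entry's RDN, reports which are absent from the attribute list (the condition behind the "Naming violation" error), and shows the server-side reading in which the entry is the attribute list plus the RDN values. The function names, the dict-based entry representation and the case-insensitive comparison are assumptions made for illustration.

```python
import re

def _split_unescaped(s, sep):
    """Split s on sep, skipping separators that are backslash-escaped."""
    parts, cur, i = [], [], 0
    while i < len(s):
        if s[i] == "\\" and i + 1 < len(s):
            cur.append(s[i:i + 2])      # keep the escape pair intact
            i += 2
        elif s[i] == sep:
            parts.append("".join(cur))
            cur = []
            i += 1
        else:
            cur.append(s[i])
            i += 1
    parts.append("".join(cur))
    return parts

def _unescape(value):
    # \XX hex pairs (single-byte only, a simplification) and \<char> escapes.
    return re.sub(
        r"\\([0-9A-Fa-f]{2}|.)",
        lambda m: chr(int(m.group(1), 16)) if len(m.group(1)) == 2 else m.group(1),
        value)

def rdn_pairs(dn):
    """(attribute, value) pairs of the leftmost RDN: uid=test, or cn=a+sn=b."""
    rdn = _split_unescaped(dn, ",")[0]
    pairs = []
    for ava in _split_unescaped(rdn, "+"):
        attr, _, value = ava.partition("=")
        pairs.append((attr.strip(), _unescape(value)))
    return pairs

def missing_rdn_values(dn, attrs):
    """RDN pairs absent from attrs (dict: name -> list of values).
    Assumption: names and values compare case-insensitively; a real
    server applies each attribute's equality matching rule instead."""
    have = {(k.lower(), v.lower()) for k, vals in attrs.items() for v in vals}
    return [(a, v) for a, v in rdn_pairs(dn) if (a.lower(), v.lower()) not in have]

def complete_entry(dn, attrs):
    """Server-side reading: entry content = attribute list + RDN values."""
    out = {k: list(v) for k, v in attrs.items()}
    names = {k.lower(): k for k in out}
    for a, v in missing_rdn_values(dn, attrs):
        out.setdefault(names.get(a.lower(), a), []).append(v)
    return out
```

A client that has to interoperate with servers enforcing the older rule can call `missing_rdn_values` before sending the add request and include whatever it returns.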