[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP as a 'generic' hierarchical data store

Andrew Findlay wrote:
On Tue, Dec 30, 2008 at 04:46:32PM +0100, Lorenzo Pastrana wrote:

- you can't perform LDAP modify operations on multiple operations with multiple operation types (e.g. combinations of add, replace, delete); this is crucial for atomic modifications
I've been reading much more lately so I can weight this answer correctly
now ... :(

Rember that Pierangelo was referring to specific limitations of the PHP interface to LDAP, not the LDAP protocol itself.

What do you think could be a solution to (auto)incremented id then ?
Would there be an alternative to the use of incremented ids ?
Is my brain stuck in RDBMS mode ?

It depends on what you are really trying to do. LDAP does not have things like autoincremented IDs (although you could probably write a plugin for a specific LDAP server to do it if you really wanted to). On the other hand, LDAP does provide a way to get safe incrementing values. To do this, you store the value in a designated entry and increment it like this:

	read current value
	( delete current value; add current value + 1 )
until success

This works because you do the delete and add in a single LDAP
operation, which will succeed or fail as a whole. This is the only
atomic operation available in standard LDAP.

Pierangelo's comment (quoted above) is saying that the PHP interface
to LDAP does not allow you to express the delete and add as a single
operation, so you cannot do this from PHP.

There may be other ways to achieve what you want. If for example you
just want to generate a unique name for a new entry and it does not
matter what it is, you could try this:

	generate random entry name
	create entry
until success

If the random name is sufficiently long and sufficiently random then
this is a much more efficient method than trying to maintain a
safely-incrementing counter to generate names from.

My comment also applies to the fact that were the interface providing extensions like the modify increment extension (RFC4525) and the LDAP (postread) Read Entry control (RFC4527), one could atomically increment a counter and read back the incremented value.


Ing. Pierangelo Masarati OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Fax:     +39 0382 476497
Email:   ando@sys-net.it