[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Missing Syntax description in the cn=subschema's LDAPSyntaxes AT

Le 2/14/12 2:58 PM, Kurt Zeilenga a Ãcrit :
On Feb 14, 2012, at 5:03 AM, Emmanuel LÃcharny wrote:

Le 2/14/12 1:19 PM, Michael StrÃder a Ãcrit :
Emmanuel LÃcharny wrote:
In Apache Directory Studio and
the Java LDAP API, it's a bit more annoying, as we try to load the full schema
from the server to locally check that values are correct before sending them
back to the server. We have a mechanism to 'bypass' the missing syntaxes, of
course, but I think that from a completness POV, it would be better if
OpenLDAP add those missing syntaxes...
As a developer of a generic, schema-aware LDAPv3 client you should prepared to deal with incomplete/false subschema. Otherwise your client will joke very often.
We *are* ready to handle such schemas. M$ AD is most certainly the worst use case around. The question is more about OpenLDAP compliance

RFC 4512:
    Clients SHOULD NOT assume that a published subschema is complete,
    that the server supports all of the schema elements it publishes, or
    that the server does not support an unpublished element.

Compliance is most certainly the wrong word in this context :) Excuse my french !

: does those missing Syntaxes deserve an ITS or not.
Generally speaking, if it's missing, it's missing for a reason...  generally that reason is the syntax is not implemented, or implemented to the degree needed to one to have a userApplications attribute using that syntax.

This can be viewed as a signal to the client application that listed attributes of that syntax cannot be stored/modified in the subtree of the subschema controls.
I'm not sure the client application is smart enough to infer such a meaning ;) Although I think that Syntax like Fax, Guide, EnhancedGuide and a few others are just missing because nobody store such data in LDAP any more... (my own perception of course).

Ok  thanks for those explainations.

Emmanuel LÃcharny