[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Why is LDAP so complex?



Title: RE: Why is LDAP so complex?

Well, not to aggravate anyone, but it sounds like what is really needed is an enhancement to ldapadd.  If this program pre-processed the LDIF file better, it could output more meaningful line-by-line errors -- just like any half-way decent compiler, for example.  The LDIF language is sufficient as it is; why would we want to create yet another language to "interpret" when LDIF is already here and standardized too?

Just a thought...
-Boris

-----Original Message-----
From: Tony Bibbs [mailto:tony@tonybibbs.com]
Sent: Thursday, January 10, 2002 2:03 PM
To: openldap-software@OpenLDAP.org
Subject: RE: Why is LDAP so complex?


How is it better?  Let's say you mess up your LDIF file.  Have you seen
the wonderful messages ldapadd gives you when your LDIF is bad?  What I
was suggesting as an intepreted LDAP language would be able to spit out
more useful debug messages instead of the crap that ldapadd -d -1 spits
out.

Also, I think such an interpreted language could be built in addition to
the standard LDAP tools (not as a replacement).  That way you have a way
for newbies to get up to speed with LDAP and actually use it yet have
the power LDAP tools for more complex needs.  Not to mention it would be
a great learning tool for newbies to examine the LDAP syntax spit out by
the interpreted language.

Keep in mind I'm not an LDAP hater.  I just think it would be more
widely used if it could be simplified.  That's all.

--Tony

On Thu, 2002-01-10 at 15:38, Justin Hahn wrote:
> > $myentry1 = New LDAP_ENTRY("example.com");
> > $myentry1.InheritClass("dcObject");
> > $myentry1.InheritClass("organization");
> > $myentry1.o = "Example Company";
> > $myentry1.dc ="example";
> > $myentry1.add();
> >
> > $myentry2 = New LDAP_ENTRY("manager.example.com");
> > $myentry2.InheritClass("organizationalRole");
> > $myentry2.cn = "Manager";
> > $myentry2.add();
>
> How is this any better than LDIF? Using ldapmodify and LDIF you can do
> pretty much exactly this, and LDIF is more readable.
>
> Just do
>
> cat <<EOF | ldapmodify -x -D <bind dn> -h <ldap server> -W -ZZ
> dn: dc=example,dc=com
> changetype: add
> objectClass: dcObject
> objectClass: organization
> o: example company
> dc: example
>
> dn: cn=manager,dc=example,dc=com
> changetype: add
> objectclass: organizationalrole
> cn: manager
> EOF
>
> In fact, using proper LDIF, I can do far more sophisticated operations than
> the above. (changetype modify is extremely powerful...)
>
> --jeh
>
>
>