[Date Prev][Date Next]
Re: unique values
--On Tuesday, March 07, 2017 4:58 PM +0000 Howard Chu <firstname.lastname@example.org> wrote:
This is bad advice. If you actually want a UUID then use entryUUID. As
noted, it is defined in RFC4530 which means it isn't going to change. The
format of UUIDs is well-established in internet standards.
I disagree. :) There are perefectly valid reasons to avoid using the LDAP
When an existing attribute has *exactly* the syntax and semantics that
you want, use it.
suRegID and zimbraID are not UUIDs are they?
Yes, they are UUIDs. In Stanford's case, the UUID was generated outside of
LDAP in another system, and used as a reference through multitudes of other
systems, many of which had no access to LDAP. Using the entryUUID would
not have been feasible.
In Zimbra's case, there's a capability to store the non-operational
attributes of an account for restoration at a later date via other
utilities. The licensed nature, based off total accounts, for Zimbra's
commercial product means that deleting inactive accounts is a common
procedure, as well as restoring them at a later date. Restoring a single
account where operational attributes are present is a pain. In addition,
at least one customer did not use OpenLDAP as the backend store. Having a
persistent UUID on the account was necessary because other portions of the
product could retain references to an old account even once deleted that
would need to be consistent if the account was restored.
Using your own identifier ensures that will not be an issue. Also, if
you do things like allow backing up/restoring user entries that have
gotten deleted, a restored entry (depending on the method use) may end
up with a new entryUUID.
Yes, you should only use the recommended backup procedures.
The above not really isn't about backup, it's about restoration. See above.
Packaged, certified, and supported LDAP solutions powered by OpenLDAP: