Kyle Tucker wrote:
Kyle Tucker wrote:
But recent research into LDIF revealed that the proper way
What do you mean by "recent" here? RFC 2849 was published in 2000, and
I don't think there was much further research. That document illustrate
even wiser (and syntactically correct) means to perform the
modifications you need.
I was referring to my research. I was more looking into why the other
non-replace method works, if it was some optional syntax or if it wasn't
even working as it seemed, although all evidence I saw indicated it was.
> dn: uid=$UID, ou=People, $DNDOMAIN
> changetype: modify
> shadowLastChange: $TODAY
> userPassword: $PWHASH
The above is a bug (feature?) of the LDIF parsing routine, a bit too liberal
> dn: uid=$UID, ou=People, $DNDOMAIN
> changetype: modify
> replace: shadowLastChange
> shadowLastChange: $TODAY
>
> dn: uid=$UID, ou=People, $DNDOMAIN
> changetype: modify
> replace: userPassword
> userPassword: $PWHASH
The above, according to RFC 2849, can be summarized in
dn: uid=$UID, ou=People, $DNDOMAIN
changetype: modify
replace: shadowLastChange
shadowLastChange: $TODAY
-
replace: userPassword
userPassword: $PWHASH
-
with two relevant consequences:
1) only one operation is performed instead of two;
2) as a consequence, the modification is atomic, i.e. either they both
succeed or they both fail; the way you indicated, they could have
independently succeeded or failed.
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office: +39.02.23998309
Mobile: +39.333.4963172
Email: pierangelo.masarati@xxxxxxxxxx
------------------------------------------
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
