abartlet@samba.org wrote:

Full_Name: Andrew Bartlett Version: CVS HEAD OS: Fedora 9 URL: http://www.openldap.org/lists/openldap-technical/200803/msg00101.html Submission from: (NULL) (59.167.251.137)

For Samba4, I need a few things, detailed in the attached URL.

The above message thread had some unanswered questions. We may need to have each point listed out again.

This ITS is for internal transactions and validation - the ability to have a openldap overlay roll back all the changes so far, because a precondition is not met.

I think this one is understood, OK. Just a matter of getting the time to do it.

I need the memberOf and refint modules to ensure that no dangling links ever exist, even over subtree renames and invalid modifies, and that a transaction ensures this is always the case.

I think the proper use of memberOf still needs to be addressed. E.g., it's generally a bad idea to search for (memberOf=foo) when you can simply enumerate the members inside the "foo" entry. If you give us precise examples of the searches and modifications that you'll be using, we may be able to narrow the scope of this work.

This needs to occur even between databases on the server, but I won't ask that it occur outside the known trees.

It's already possible for operations in one database to reference entries in a different database, so that aspect of validation should be fine. However, as noted before, "validation" is generally bogus to begin with. In particular, how do you create entries with circular references? If you disallow references to nonexistent entries, you can't set the references until after all of the entries have been created. This means that you cannot backup a database that has these references and then later reload it in a single pass.