Andrew Bartlett wrote:
This seems to work.
Good; making progress, then, aren't we?
I've found some more challenges (such as, should a rename onto an entry's own DN work),
You mean
dn: cn=Foo,dc=example,dc=com changetype: modrdn newrdn: cn=Foo deleteoldrdn: 1
?
but I'll try and work on that next week. (I suspect this is an area where I can write a module to cause that to be a no-op, rather than ask for changes in OpenLDAP).
I note this is not directly related to slapo-memberof(5), but rather handled by the underlying backend. RFC 4511 states that a modify DN operation must fail with the entryAlreadyExists result code if there was already an entry with that name. However, a broad interpretation would recognize that such a modify DN operation is going to be a no-op and simply ignore it. The specific case doesn't seem to be explicitly dealt with in RFC 4511.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it ---------------------------------------