On Tuesday 19 June 2007 20:32, Pierangelo Masarati wrote:
Ralf Haferkamp wrote:
>> It used to be a requirement that any data passing through back-ldap be
>> defined in the local server's schema. Recently that requirement was
>> relaxed. I don't see how you can normalize them safely, without knowing
>> their schema constraints.
> Yeah, there of course case were you can't normalize safely. Probably that
> feature should get a config-switch (defaulting to "no normalization").
> But there are a lot of case where normalizing according to the
> constraints of the mapped attributetype should "just work".
> E.g. we have to proxy here for a directory that uses all kinds of strange
> attribute types instead of the well defined existing types (e.g. it uses
> an attributetype "fullname" instead of "displayname" or
"cn") and we know
> that we can savely map them to one of the well defined attribute types.
> But we are a bit reluctant to pollute the schema of the server (which
> also host other databases) with those attribute types.
The design of slapo-rwm(5) is based on: do things as correct as
possible, but don't be too clever. What you mean makes sense; however,
in most cases when slapo-rwm(5) is needed there are chances data has
some quirk. So I'd leave an option whether or not to require strict
normalization (this option could be per instance, or even per mapping
rule). In fact, slapo-rwm(5) needs to be tolerant about cases where
nothing is known about the source data, and mapping is sort of a hack.
Ok, I will rework the stuff to have the possibility to enable/disable
SUSE LINUX Products GmbH, Maxfeldstrasse 5, D-90409 Nuernberg
F: +49-911-74053575 - Ralf.Haferkamp(a)suse.com