Ulrich Windl wrote:
Howard Chu hyc@symas.com schrieb am 09.12.2014 um 16:24 in Nachricht
Ulrich Windl wrote:
Hello!
I have a question: Is it always OK to use LDIF "replace", even if the attribute doesn't
exist yet? If so, is it also OK to use "replace" with out specifying an attribute value instead of using "delete"?
I actually managed to do the first one, and the operation is logged as
"replace" not as "add" in accesslog. I wrote a program that uses accesslog to create an "undo-LDIF" to undo recent changes on demand. Now with that "replace" having succeeded, the undo operation created for it would be the second case ("replace" with no new value).
Read RFC4511 section 4.6.
General questions about how LDAP works don't belong here. Use the ldap@umich.edu mailing list.
Of course I meant "does it work with openLDAP" when asking "does it work in LDAP".
If you meant "in OpenLDAP" than that's what you should have written. Since you asked about "LDAP" you got the correct answer to your question.
Meanwhile, your question still is about the basic semantics of a Modify/Replace operation. The semantics of this operation are defined in the LDAP RFC I pointed you to. Every server that claims to support LDAPv3 is required to implement these semantics.
Naturally, since OpenLDAP has been the reference implementation of LDAP for nearly 2 decades, of course it implements this aspect of the spec.