Re: Problem making refint_nothing working
Le 2015-11-17 17:08, Howard Chu a écrit :
katgb wrote:
> Hi all,
>
> I tried for some days to make refint overlay work with refint_nothing
> filled.
>
> The slapo-refint man page says :
>
> refint_nothing <string>
> Specify an arbitrary value to be used as a placeholder
> when the
> last value would otherwise be deleted from an attribute. This can be
> useful in
> cases where the schema requires the existence of an attribute for
> which
> referential integrity is enforced. The attempted
> deletion of a
> required attribute will otherwise result in an Object Class Violation,
> causing
> the request to fail. The string must be a valid DN.
>
>
> but each time I try to delete the last member from a groupOfNames
> group, the
> deletion is refused because of schema violation. That's ok without
> refint_nothing but with the string set it should replace last member,
> right ?
No. The refint_nothing value only affects modifications that the
refint overlay itself would make when trying to maintain integrity. It
doesn't interfere with user modification requests at all.
I'm not sure I understand "user modification requests" well. By user, do
you mean the person who manipulate the directory or an object of "type"
user ?
If I have memberof overlay activated and it changes the uid's memberof
attribute, isn't it a user modification request (by memberof overlay) ?
I've tested refint another way. I removed the user (identified by uid)
from the directory.
When the user is deleted, refint_nothing works and replaces the last
member with the placeholder (I also have some debug information in
logs). I thought that refint_nothing would also work when a modification
is done on one of refint attributes. Maybe you can confirm I'm wrong
about that.
Is there a way to accomplish what I want ?
--
------------
M. P.