Andrew Findlay wrote:
On Tue, Dec 30, 2008 at 04:46:32PM +0100, Lorenzo Pastrana wrote:
- you can't perform LDAP modify operations on multiple operations with
multiple operation types (e.g. combinations of add, replace, delete); this is crucial for atomic modifications
I've been reading much more lately so I can weight this answer correctly now ... :(
Rember that Pierangelo was referring to specific limitations of the PHP interface to LDAP, not the LDAP protocol itself.
What do you think could be a solution to (auto)incremented id then ? Would there be an alternative to the use of incremented ids ? Is my brain stuck in RDBMS mode ?
It depends on what you are really trying to do. LDAP does not have things like autoincremented IDs (although you could probably write a plugin for a specific LDAP server to do it if you really wanted to). On the other hand, LDAP does provide a way to get safe incrementing values. To do this, you store the value in a designated entry and increment it like this:
repeat read current value ( delete current value; add current value + 1 ) until success
This works because you do the delete and add in a single LDAP operation, which will succeed or fail as a whole. This is the only atomic operation available in standard LDAP.
Pierangelo's comment (quoted above) is saying that the PHP interface to LDAP does not allow you to express the delete and add as a single operation, so you cannot do this from PHP.
There may be other ways to achieve what you want. If for example you just want to generate a unique name for a new entry and it does not matter what it is, you could try this:
repeat generate random entry name create entry until success
If the random name is sufficiently long and sufficiently random then this is a much more efficient method than trying to maintain a safely-incrementing counter to generate names from.
My comment also applies to the fact that were the interface providing extensions like the modify increment extension (RFC4525) and the LDAP (postread) Read Entry control (RFC4527), one could atomically increment a counter and read back the incremented value.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ----------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Fax: +39 0382 476497 Email: ando@sys-net.it -----------------------------------