--On Thursday, September 07, 2017 12:03 PM -0400 Douglas Duckworth dod2014@med.cornell.edu wrote:
Why would you want to rename a subtree? I can only think of a scenario if for example we would have to sync with another LDAP cluster that perhaps had ou=Accounts whereas we have ou=People.
A subtree is simply any DN that has children.
So if you, for example, had:
dn: uid=jdoe, cn=people, dc=example, dc=com dn: signature=work, uid=jdoe, cn=people, dc=example, dc=com
And jdoe got divorced and changed their last name, and wanted their uid updated, you could do a subtree rename to fix her entry and all children entries at the same time. Otherwise, you'd have to either delete the existing entries and create new ones, or create new ones and delete the old ones, etc. Or stop everything, do an export, fix the data, reimport.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
Quanah Gibson-Mount quanah@symas.com schrieb am 07.09.2017 um 17:14 in
Nachricht <372CE42D6A64FB1C859F6418@[192.168.1.30]>:
--On Thursday, September 07, 2017 12:03 PM -0400 Douglas Duckworth dod2014@med.cornell.edu wrote:
Why would you want to rename a subtree? I can only think of a scenario if for example we would have to sync with another LDAP cluster that perhaps had ou=Accounts whereas we have ou=People.
A subtree is simply any DN that has children.
So if you, for example, had:
dn: uid=jdoe, cn=people, dc=example, dc=com dn: signature=work, uid=jdoe, cn=people, dc=example, dc=com
And jdoe got divorced and changed their last name, and wanted their uid updated, you could do a subtree rename to fix her entry and all children entries at the same time. Otherwise, you'd have to either delete the
I think that's a good example why an ID should be different from the user's common (sur)name. If you have jdoe as memeber of some groups, youll have some additional fun unless LDAP is smart enough to adjust those...
Ideally IDs should be free of any semantics other than being unique (like random-based UUIDs).
Regards, Ulrich
existing entries and create new ones, or create new ones and delete the old ones, etc. Or stop everything, do an export, fix the data, reimport.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
openldap-technical@openldap.org
-
Quanah Gibson-Mount -
Ulrich Windl