On 15 févr. 2012, at 14:26, Emmanuel Lécharny wrote: > Hi guys, > > let's suppose we have an entry like : > > dn: cn=john doe, ou=system > objectclass: person > cn: john doe > sn: john doe > > Let's now suppose that we want to camel-case the cn to have an entry like : > > dn: cn=John Doe, ou=system > objectclass: person > cn: John Doe > sn: john doe > > Currently ADS does not support such a modification : it considers that it's a > modifcation of an entry on itself, and it's not allowed. (cn is case > insensitive, so basically, it's really a modification on itself).
Here's the exact error message it returns: > LDAP: error code 68 - Attempt to move entry onto itself. The error message is the same whether we use the LDAP API or JNDI in Studio. I tested the same thing on OpenLDAP and the modification is successful. > Now, from the user PoV, this is a bit painful, because even if cn is case > insensitive, the user wants to see the DN as he provided it (after the > rename, he may expect dn: cn=John Doe, ou=system). > > So > > Q1 : should we allow such a rename ? (it will modify the RDN *and* the > attribute) From the server's POV, the value, once normalized, is exactly the same ('cn' is case insensitive). So I understand the rejection. Now, from a user's POV, it would be better if it worked. So, I'd go +1. > Q2 : if we modify the cn only, should the RDN be modified too ? (currently, > ADS does modify the CN, but not the RDN) +1 too. Regards, Pierre-Arnaud > wdyt ? > > -- > Regards, > Cordialement, > Emmanuel Lécharny > www.iktek.com >