On 01/21/2013 01:48 PM, Simo Sorce wrote:

There is also the little issue that we may treat a string in a more
restrictive way than the LDAP schema allow

In an object orientated language restricted behaviors are modeled by subclassing.

or we may not have schema loaded yet for example in the installer case

In what circumstance do we not know the schema? Yes, during install the schema may not already be present on the server for the attribute in question, but that doesn't mean we don't know what the syntax is, rather we just have to look for it in a a different place (because by definition we have to have the schema available to install it). We should never have a situation where we don't know the schema for an attribute.

The only issues I've ever seen are attributes whose syntax was incorrectly defined (mostly attributes that are logically DN's but were defined with string syntax). Fortunately those seem to be rare and are currently handled via an "exceptions" table in ldap2.

John Dennis <jden...@redhat.com>

Looking to carve out IT costs?

Freeipa-devel mailing list

Reply via email to