On 26/4/04 12:08 pm, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > Hi, folks > > I'm writing a script that takes a bunch of user entries from LDAP[0] > directory, massages them into a form suitable for LDAP[2] directory, and > then saves the newly made entries to LDAP[1]. > > Obviously(*) I only want to update the LDAP[1] tree if it's really needed, > and simply ignore the cases where no real changes occur. At first I > thought that comparing of two Net::LDAP::entry objects can be done with > "compare", but apparently this is not the case, and now I'm not so sure if > using the compare method is a wise thing to do. :-(
No, compare only works at the attribute level. (Compare a given value with all the values of a specified attribute in a specified entry.) > Do I really have to pick up the "current" user entry from LDAP[1], compare > it to the one I've just built based on data from LDAP[0] by manually > comparing each atribute/value combination, or is there a simpler/better > way to do this? No, that's pretty much what you have to do, especially if you're not in control over entries being changed on all the servers. The only way to avoid this would be to observe changes being made on the original server (0) using something like changelog (which is non standard) and then constructing minimal changes to send to the other server. You might be able to use changelog against both servers if both are being updated out of your control. > A second question is about the "modify/replace" operation. Is it safe to > use this operation instead of "modify/add" in case I don't care about the > previously stored values, or do I have to be sure the atribute actually > exists before modifying it? As long as you are binding with LDAPv3, you can issue a modify/replace on a non-existent attribute and (as long as you don't violate schema or access controls etc) it will succeed. > > thx > Denis > (*) LDAP is bad at writing/updating, so it's better to avoid updates if > possible, right? Relatively bad. Minimizing updates is a good idea. Cheers, Chris
