|I still hate ldap|
I still hate ldap
Oct. 15th, 2005 @ 06:18 am
I just spent the last four hours (2am-6am) babysitting a database->ldap synchronization process I spent the last month working on.
I'm tired of it. I want it to go away.
I'd be done, I think, except LDAP now won't let me move a DN from "cn=something, ..." to "uid=something, ..." (even though the uid attribute matches up correctly). and, best of all, it just says "error 65: object class violation"... which is the near equivalent of (this will date me) err 255 in Turbo Pascal.
I want worky to stop for a few days so I can play puzzle pirates. Now I'm too tired and must sleep more.
We want you to Pirate too....we miss you!
Sleep well, and I hope everything gets better soon!
|Date:||October 15th, 2005 04:23 pm (UTC)|| |
That error is just telling you that in trying to create the new object in the destination DN there's a required attribute and the source DN is of a type that doesn't have that attribute. I think your best bet is to create a completely new object in the new location with all the values of the old object, PLUS whatever attributes are defined in the RFC as MUST HAVE for that object.
So the question is, what type is the source DN and what is the destination DN? LDAP seems to believe they are different. A silly analogy may clarify: cats and dogs both have 4 legs, two eyes, a tail, and fur, but you can't turn one into the other. Just like in strongly-typed OO programming, even if two objects have identical properties and methods, if they are defined as two different types, you can't copy one from the other.
Did I ever mention I was the LDAP/X.500 DSA manager at UT Houston before I was at the Chronicle. More than that, I installed and built that system from scratch, including creating the X.500 server. http://www.uth.tmc.edu/uth_databases/white_pages/technical.html
|Date:||October 15th, 2005 04:36 pm (UTC)|| |
Re: Error 65
Oops. That's my comment up there as Anonymous. I forgot I was using a development build of Firefox with my alternate development/testing profile.
You know, lj's been doing that to me a lot. I'll post a comment and then suddenly, it's up as Anonymous. Grrr.
huh. and here I thought type came entirely from the list of objectclasses
more specifically, I know how to parse the schema to find all the required attributes for objectclasses, but I don't know how to parse the schema to find the required fields implied by the shape of the DN.
...or it could be that "delete old rdn" doesn't mean "remove the old leaf node" it means "remove the attribute represented by the old rdn" (which is a required attribute in this case). oops.
|Date:||October 17th, 2005 03:30 pm (UTC)|| |
Re: Error 65
|Top of Page
||Powered by LiveJournal.com|