directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Zoerner <>
Subject Re: DIRSERVER-936 & 927 Questions
Date Mon, 21 May 2007 11:53:55 GMT
Hi Emmanuel!

Emmanuel Lecharny wrote:
> Me too. Searching for *all* entries using a disabled schema is obviously 
> an expensive operation. The semantic of Disabled should be something 
> like : "you can read entries which use the disabled AT and OC, but you 
> cannot add such disabled objects".

This sounds reasonable. I think there may exist entries in the DIT, 
which do not adhere to the current schema. They may also contain 
attribute types not present in the schema at all (neither enabled nor 
disabled).  This can happen because it is possible to delete 
objectClasses, attribute types etc. although relevant entries exist. Or 
someone disables schema checking, creates "illegal" entries and enables 
the schema again ...

> Well, my opinion is that when a schema is disabled, you can anymore 
> create an object using one of its AT or OC, and you can't modify an 
> existing entry to use the disabled AT and OC.
> wdyt ?

Yes, although some more clarification of the semantics is still needed. 
Lets take this one:

dn: cn=Tori Amos,dc=example,dc=com
sn: Amos
xmozillanickname: Tori
objectClass: mozillaAbPersonObsolete
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
cn: Tori Amos

Assume "mozilla" schema has been disabled again after Tori creation.
Is it allowed to change the xmozillanickname  attribute value?
Is it allowed to remove the xmozillanickname attribute completely from 
the entry?

What, if the "mozilla" schema have been removed completly?


View raw message