directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Howard Chu <>
Subject Re: Removing non-existent values from an attribute
Date Tue, 01 Apr 2008 23:11:27 GMT
Emmanuel Lecharny wrote:
> Hi Howard,
> I'm just wondering why OpenLdap returns a noSuchAttribute when we try to
> delete a non-existent value from an existent attribute...
> The 4511 RFCs says nothing about this specific case, even if the
> noSuchAttribute error code says :
> "Indicates that the named entry does not contain the specified attribute
> or attribute value."

> We currently don't returns an error, based on the fact that removing a
> non-existent value does not break the server, and will always be
> successfull, as the value will be removed (well, as it does not exist :).
> Should we change ADS to generate an error or not ? Does Kurt said
> something specific about this case? I didn't found anything related on
> google...

It may not be explicitly stated in the RFCs, but it is explicitly stated in 
the Abstract Service Definition (X.511, section 11.)

11.3.2 ModifyEntry arguments
    b) removeAttribute - Any attempt to remove a non-existing attribute 
results in an AttributeError.
    d) removeValues - If the values are not present in the attribute, this 
results in an AttributeError.

I'll also note that OpenLDAP implements Microsoft's PermissiveModify control 
(1.2.840.113556.1.4.1413) which is used specifically to override this 
behavior, which essentially gives what you're already doing by default.

The actual text of the RFCs are not a complete definition of LDAP. They 
incorporate the X.500 specs by explicit reference; you have to look there 
first whenever you run into something inadequately specified in the RFCs.
   -- Howard Chu
   Chief Architect, Symas Corp.
   Director, Highland Sun
   Chief Architect, OpenLDAP

View raw message