Overview[1]#

LDAP Modify-Increment Extension is defined in RFC 4525 as a supportedExtension for to the Lightweight Directory Access Protocol (LDAP) Modify Request to support an increment capability as a LDAP ModifyRequest Operations

LDAP Modify-Increment Extension is useful in provisioning applications especially when combined with the LDAP Assertion Control and/or the LDAP Pre-Read Control or LDAP Post-Read Control.

LDAP Modify-Increment Extension extends the LDAP Modify request to support a increment values capability. Implementations of LDAP Modify-Increment Extension SHALL support an additional Modify Request operation enumeration value increment as described herein. Implementations not supporting LDAP Modify-Increment Extension extension will treat this value as they would an unlisted value as a protocol error.

The increment Modify Request operation value specifies that an increment values modification is requested. All existing values of the modification attribute are to be incremented by the listed value. The modification attribute must be appropriate for the request (e.g., it must have INTEGER or other increment-able values), and the modification must provide one and only one value. If the attribute is not appropriate for the request, a LDAP_CONSTRAINT_VIOLATION or other appropriate error is to be returned.

If multiple values are provided, a LDAP_PROTOCOL_ERROR is to be returned.

LDAP Server Implementations supporting this feature SHOULD publish the object identifier OID 1.3.6.1.1.14 as a value of the 'SupportedFeatures' RFC 4512 attribute in the Root DSE. Clients supporting this feature SHOULD NOT use the feature unless they know the server supports it.

LDIF Support#

To represent Modify-Increment requests in LDAP Data Interchange Format RFC2849, the ABNF RFC4234 production <mod-spec> is extended as follows:
mod-spec =/ "increment:" FILL AttributeDescription SEP
  attrval-spec "-" SEP

The LDIF Example,

# Increment uidNumber
dn: cn=max-assigned uidNumber,dc=example,dc=com
changetype: modify
increment: uidNumber
uidNumber: 1
-
This LDIF fragment represents a Modify request to increment the value(s) of uidNumber by 1.

More Information#

There might be more information for this subject on one of the following:


I fiound the wording in RFC 4525 to be very interesting. "Servers supporting this feature SHOULD publish the object identifier (OID) 1.3.6.1.1.14 as a value of the 'supportedFeatures' RFC 4512 attribute in the root DSE. " Why as a SupportedFeature when it is a SupportedExtension ?

As near as we can tell, this implies the same OID should be listed in both the

RFC 4511 in section 4.12. Extended Operation states: "Servers list the requestName of Extended Requests they recognize in the 'supportedExtension' attribute in the root DSE Section 5.1 of (RFC4512)"

--jim, 14-Jun-2013 22:18

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-12) was last changed on 14-Jul-2017 10:15 by jim