This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
LDAP Modify-Increment Extension
LDAP Modify-Increment Extension

Version management

Difference between version and

At line 1 added 50 lines
!!! Overview[1]
[{$pagename}] is defined in [RFC 4525] as a [supportedExtension] for to the Lightweight Directory Access Protocol (LDAP) [Modify Request] to support an increment capability as a [LDAP ModifyRequest Operations]
[{$pagename}] is useful in provisioning applications especially when combined with the [LDAP Assertion Control] and/or the [LDAP Pre-Read Control] or [LDAP Post-Read Control].
[{$pagename}] extends the LDAP Modify request to support a increment values capability. Implementations of [{$pagename}] SHALL support an additional [Modify Request] operation enumeration value increment as described herein. Implementations not supporting [{$pagename}] extension will treat this value as they would an unlisted value as a protocol error.
If the [Modify Request] type is [increment], then there must be an attribute description with exactly one value, and that value must be a positive or negative [integer]. The target attribute must exist in the entry with exactly one value, and that value must be an [integer]. The increment operation will update the specified attribute so that its new value will be the sum of the provided value and the existing value.
The increment [Modify Request] operation value specifies that an increment values modification is requested. All existing values of the modification attribute are to be incremented by the listed value. The modification attribute must be appropriate for the request (e.g., it must have INTEGER or other increment-able values), and the modification must provide one and only one value. If the attribute is not appropriate for the request, a [LDAP_CONSTRAINT_VIOLATION] or other appropriate error is to be returned.
If multiple values are provided, a [LDAP_PROTOCOL_ERROR] is to be returned.
[LDAP Server Implementations] supporting this feature __SHOULD__ publish the object identifier OID [1.3.6.1.1.14] as a value of the '[SupportedFeatures]' [RFC 4512] attribute in the [Root DSE]. Clients supporting this feature SHOULD NOT use the feature unless they know the server supports it.
!! [LDIF] Support
To represent Modify-Increment requests in [LDAP Data Interchange Format] [RFC 2849], the ABNF [RFC 4234] production <mod-spec> is extended as follows:
{{{
mod-spec =/ "increment:" FILL AttributeDescription SEP
attrval-spec "-" SEP
}}}
The [LDIF] [Example],
{{{
# Increment uidNumber
dn: cn=max-assigned uidNumber,dc=example,dc=com
changetype: modify
increment: uidNumber
uidNumber: 1
-
}}}
This LDIF fragment represents a Modify request to increment the value(s) of uidNumber by 1.
We at [{$applicationname}] found the wording in [RFC 4525] to be very interesting.
"Servers supporting this feature SHOULD publish the object identifier (OID) [1.3.6.1.1.14] as a value of the 'supportedFeatures' [RFC 4512] attribute in the [root DSE]. "
Why as a [SupportedFeature] when it is a [SupportedExtension] ?
As near as we can tell, this implies the same [OID] should be listed in both the [RFC 4511] in section 4.12. Extended Operation states: "Servers list the requestName of Extended Requests they recognize in the 'supportedExtension' attribute in the root DSE [Section 5.1 of (RFC4512)|http://tools.ietf.org/html/rfc4512#section-5.1.]"
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [http://www.rfc-editor.org/rfc/rfc4525.txt|http://www.rfc-editor.org/rfc/rfc4525.txt|target='_blank'] - based on information retrieved 2013-06-15
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop