grouper-dev - Re: [grouper-dev] [ldappcng] change log ordering when renaming stems with child groups ?

Subject: Grouper Developers Forum

List archive

Re: [grouper-dev] [ldappcng] change log ordering when renaming stems with child groups ?

From: Tom Zeller <>
To: Grouper Dev <>
Subject: Re: [grouper-dev] [ldappcng] change log ordering when renaming stems with child groups ?
Date: Thu, 3 Nov 2011 11:31:10 -0500

So, how should we handle provisioning a renamed stem to ldap via the
change log ?

Some (maybe most) ldap servers only allow non-leaf objects to be renamed.

When renaming a stem with child stems and groups, we would need to
create the new stem structure, move groups via renaming, and then
delete the old stem structure. I would categorize this as non-trivial.

My suggestion for 2.1 is that we say we do not support renaming
non-empty stems via the change log. A full-sync will create new
objects and delete old ones, rather than renaming or moving.

Thoughts ?

TomZ

> Before you get too far, a quick check against my local openldap
> reminds me that some directory servers support subtree renaming, and
> others may not.
>
> For example, given
>
> ou=stem,dc=edu
> ou=child,ou=stem,dc=edu
>
> I cannot moddn ou=stem since it is non-leaf. And I cannot rename
> ou=child first since the parent does not exist yet. I would need to
> create a new ou=newStem, move ou=child over to it, then delete
> ou=stem. Which would not be renaming. I guess we care about renaming
> stems for Active Directory since access privileges may be assigned to
> ous, not sure.
>
> Hmm.
>
> On Wed, Nov 2, 2011 at 8:08 AM, Shilen Patel
> <>
> wrote:
>> I think the ordering is inconsistent. I'll fix this to make the stems
>> come before the child objects. Let me know if anybody is expecting the
>> opposite order.
>>
>> Thanks!
>>
>> -- Shilen
>>
>> On 11/1/11 7:48 PM, "Tom Zeller"
>> <>
>> wrote:
>>
>>>When a stem containing child groups is renamed via
>>>setExtension("newExtension"), the change log entries for group renames
>>>occur before the stem rename.
>>>
>>>This makes it difficult to rename child groups on a target ldap
>>>directory, since the renamed stem (i.e. the OU) has not been renamed
>>>yet.
>>>
>>>Is it possible to change the change log order ? maybe configurably ?
>>>
>>>Otherwise, I would need to gather all change log events for the stem
>>>rename context id, and reorder them somehow, shudder.

[grouper-dev] [ldappcng] change log ordering when renaming stems with child groups ?, Tom Zeller, 11/01/2011
- Re: [grouper-dev] [ldappcng] change log ordering when renaming stems with child groups ?, Shilen Patel, 11/02/2011
  - Re: [grouper-dev] [ldappcng] change log ordering when renaming stems with child groups ?, Tom Zeller, 11/02/2011
    - RE: [grouper-dev] [ldappcng] change log ordering when renaming stems with child groups ?, Chris Hyzer, 11/02/2011
    - Re: [grouper-dev] [ldappcng] change log ordering when renaming stems with child groups ?, Tom Zeller, 11/03/2011
      - RE: [grouper-dev] [ldappcng] change log ordering when renaming stems with child groups ?, Chris Hyzer, 11/03/2011
        
        Re: [grouper-dev] [ldappcng] change log ordering when renaming stems with child groups ?, Shilen Patel, 11/03/2011
        
        Re: [grouper-dev] [ldappcng] change log ordering when renaming stems with child groups ?, Tom Zeller, 11/04/2011
        
        RE: [grouper-dev] [ldappcng] change log ordering when renaming stems with child groups ?, Chris Hyzer, 11/04/2011
        Re: [grouper-dev] [ldappcng] change log ordering when renaming stems with child groups ?, Tom Zeller, 11/04/2011
        RE: [grouper-dev] [ldappcng] change log ordering when renaming stems with child groups ?, Chris Hyzer, 11/04/2011

List archive

Re: [grouper-dev] [ldappcng] change log ordering when renaming stems with child groups ?