[Freeipa-devel] modRDN
Rob Crittenden
rcritten at redhat.com
Mon Nov 12 20:59:51 UTC 2007
Rich Megginson wrote:
> Rob Crittenden wrote:
>> I have a ticket (#3) to allow the RDN to be modified.
>>
>> python-ldap has a modrdn function so I know that I *can* change it,
>> just have an ordering question.
>>
>> The request may come with a slew of other changes as well (likely gn,
>> sn and sn too). It might just be easier, because of the way we
>> generate the list of changes, to do the other changes first and then
>> the modrdn. Is there any reason to do one before the other?
>>
>> I assume that any attribute in the DN gets automatically changed
>> during the modrdn operation. Is that correct?
> I'm not sure what you mean.
My current entry is uid=me, dc=freeipa,dc=org
I do a modrdn to uid=thenewme, dc=freeipa,dc=org
Is uid an attribute simply because it is in the DN or is it stored
separately in the DS?
I'm assuming that I don't need to issue a change for uid. Is that a good
assumption?
>>
>> We already have the referential integrity plugin enabled so in theory
>> I just have to worry about constructing the two updates properly and
>> not an repercusions of them. Right?
> It depends. By default, refint will rename the old DN to the new DN in
> the attributes member, uniquemember, owner, and seeAlso in all entries
> in your suffix/subtree.
And it'll fix up group membership I think?
We have a couple of additional fields configured (manager & secretary).
thanks
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20071112/8469bce3/attachment.bin>
More information about the Freeipa-devel
mailing list