On Wed, 30 May 2018 10:03:19 +0200 Marco Gaiarin via samba <samba at lists.samba.org> wrote:> Mandi! Andrew Bartlett via samba > In chel di` si favelave... > > > > newid="dn: > > > CN=$domainNETBios,CN=ypservers,CN=ypServ30,CN=RpcServices,CN=System,$domainDN > > > changetype: modify replace: $1 > > > $1: $2" > > > > Actually, you would want to use (something like this, not tested): > > > > changetype: modify > > add: $1 > > $1: $2 > > delete: $1 > > $1: $2 > > > > This is called a constrained update, and avoids a race where the > > value changes between the search and the modify. > > I'm a bit astonished. > > So, in AD LDAP lingo, a 'modify' is not atomic, and a 'delete/add' > yes? > > Awake me, please... ;-))) >Did you see my reply to what Andrew posted ? I personally do not think that the above will actually work. Rowland
Mandi! Rowland Penny via samba In chel di` si favelave...> > So, in AD LDAP lingo, a 'modify' is not atomic, and a 'delete/add' > > yes?Ahem, i meant: So, in AD LDAP lingo, a 'replace' is not atomic, and a 'delete/add' yes?> Did you see my reply to what Andrew posted ? > I personally do not think that the above will actually work.Andrew proposed add -> delete, you proposed delete -> add: i'm simply asking why these are more 'atomic' that a 'replace'... -- dott. Marco Gaiarin GNUPG Key ID: 240A3D66 Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/ Polo FVG - Via della Bontà , 7 - 33078 - San Vito al Tagliamento (PN) marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797 Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA! http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000 (cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
On Wed, 30 May 2018 10:33:55 +0200 Marco Gaiarin via samba <samba at lists.samba.org> wrote:> Mandi! Rowland Penny via samba > In chel di` si favelave... > > > > So, in AD LDAP lingo, a 'modify' is not atomic, and a 'delete/add' > > > yes? > > Ahem, i meant: > > So, in AD LDAP lingo, a 'replace' is not atomic, and a 'delete/add' > yes? > > > > Did you see my reply to what Andrew posted ? > > I personally do not think that the above will actually work. > > Andrew proposed add -> delete, you proposed delete -> add: i'm simply > asking why these are more 'atomic' that a 'replace'... >OK, from my understanding. If you just do a 'replace' it will do just that, it will replace the attribute value, even if something has managed to get in before you and changed it, so you could 'replace' the value with the same value. If you 'delete' the old value first and it isn't the value you think it is, the delete will fail and the entire update will fail. if you 'add' a new value and the 'delete' failed, the 'add' will fail because the attribute is singled valued and already exists. Rowland