Re: (ITS#4991) pcache and rwm don't play well together

Ralf Haferkamp wrote:

>> It used to be a requirement that any data passing
through back-ldap be
>> defined in the local server's schema. Recently that
requirement was 
>> relaxed. I don't see how you can normalize them
safely, without knowing
>> their schema constraints.
> Yeah, there of course case were you can't normalize
safely. Probably that 
> feature should get a config-switch (defaulting to
"no normalization"). But 
> there are a lot of case where normalizing according to
the constraints of the 
> mapped attributetype should "just work".
> E.g. we have to proxy here for a directory that uses
all kinds of strange 
> attribute types instead of the well defined existing
types (e.g. it uses an 
> attributetype "fullname" instead of
"displayname" or "cn") and we know that

> we can savely map them to one of the well defined
attribute types. But we are 
> a bit reluctant to pollute the schema of the server
(which also host other 
> databases) with those attribute types.

The design of slapo-rwm(5) is based on: do things as correct
as
possible, but don't be too clever.  What you mean makes
sense; however,
in most cases when slapo-rwm(5) is needed there are chances
data has
some quirk.  So I'd leave an option whether or not to
require strict
normalization (this option could be per instance, or even
per mapping
rule).  In fact, slapo-rwm(5) needs to be tolerant about
cases where
nothing is known about the source data, and mapping is sort
of a hack.

Cheers, p.



Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
---------------------------------------
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Email:   pierangelo.masaratisys-net.it
---------------------------------------

On Tuesday 19 June 2007 20:32, Pierangelo Masarati wrote:
> Ralf Haferkamp wrote:
> >> It used to be a requirement that any data
passing through back-ldap be
> >> defined in the local server's schema. Recently
that requirement was
> >> relaxed. I don't see how you can normalize
them safely, without knowing
> >> their schema constraints.
> >
> > Yeah, there of course case were you can't
normalize safely. Probably that
> > feature should get a config-switch (defaulting to
"no normalization").
> > But there are a lot of case where normalizing
according to the
> > constraints of the mapped attributetype should
"just work".
> > E.g. we have to proxy here for a directory that
uses all kinds of strange
> > attribute types instead of the well defined
existing types (e.g. it uses
> > an attributetype "fullname" instead of
"displayname" or "cn") and we know
> > that we can savely map them to one of the well
defined attribute types.
> > But we are a bit reluctant to pollute the schema
of the server (which
> > also host other databases) with those attribute
types.
>
> The design of slapo-rwm(5) is based on: do things as
correct as
> possible, but don't be too clever.  What you mean makes
sense; however,
> in most cases when slapo-rwm(5) is needed there are
chances data has
> some quirk.  So I'd leave an option whether or not to
require strict
> normalization (this option could be per instance, or
even per mapping
> rule).  In fact, slapo-rwm(5) needs to be tolerant
about cases where
> nothing is known about the source data, and mapping is
sort of a hack.

Ok, I will rework the stuff to have the possibility to
enable/disable 
normalization.

regards,
	Ralf

-- 
SUSE LINUX Products GmbH, Maxfeldstrasse 5, D-90409
Nuernberg
T: +49-911-74053-0
F: +49-911-74053575 - Ralf.Haferkampsuse.com