summaryrefslogtreecommitdiffstats
path: root/contrib/slapd-modules/emptyds/README
blob: 9789a2a3613f8c0b78bcc93c6a5e26f7dd67a068 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
emptyds Overlay README

DESCRIPTION
    This package contains an OpenLDAP overlay called "emptyds" (empty
    directory string) that eliminates empty values of type directory string
    (OID 1.3.6.1.4.1.1466.115.121.1.15) from the list of the values in the
    following manner:
    
    - add: All empty attribute values will be removed before the add request
      is executed
    - mod-replace: A replace with empty values will be modified to a replace
      without values. As result the attribute will be deleted
    - mod-add: All empty attribute values will be removed before the mod-add
      request is executed
    - mod-delete: All empty attribute values will be removed before the
      mod-delete request is executed
    
    If removing all empty values from a modification makes it a no-op, that
    modification is removed from the list.
    
    At module load time the emptyds overlay manipulates the syntax checking
    so that it intercepts the syntax check and allows empty values for
    attributes of type directory string only. Non-empty values continue to
    go through the normal check routines. It is therefore very important to
    configure the overlays in a way that ensures that the emptyds overlay gets
    the control over the operation before any other overlay. Otherwise it
    could come to the situation with empty attribute values in the data base.
    
    David Hawes' addpartial overlay has been used as starting point for this
    overlay.
     
BUILDING
    A Makefile is included, please set your LDAP_SRC directory properly.

INSTALLATION
    After compiling the emptyds overlay, add the following to your
    slapd.conf:

    ### slapd.conf
    ...
    moduleload emptyds.la
    ...
    overlay emptyds
    ...
    # before database directive...
    # this overlay must be the last overlay in the config file to ensure that
    # requests are modified before other overlays get them.
    ...
    ### end slapd.conf

CAVEATS
    - In order to ensure that emptyds does what it needs to do, it must be
      the last overlay configured so it will run before the other overlays.

---
Copyright 2014-2024 The OpenLDAP Foundation.
Portions Copyright (C) DAASI International GmbH, Tamim Ziai.
All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted only as authorized by the OpenLDAP
Public License.

A copy of this license is available in file LICENSE in the
top-level directory of the distribution or, alternatively, at
http://www.OpenLDAP.org/license.html.