| |
A JNDI CLient |
|
|
Subject: A JNDI CLient
Author: eLDAP
In response to: LDAP ModifyRDN Operation
Posted on: 12/04/2006 07:17:10 PM
Here is a programming example to show how to change the leftmost component of the name of an entry in the directory, or to move a subtree to a new location in the directory.
/**
*
* ModifyRDN .java
* Sample code to demostrate how ModifyRDN/ModifyDN works.
*
*/
import javax.naming.*;
import javax.naming.directory.*;
import java.util.Hashtable;
public class ModifyRDN
{
public static void main(String[] args)
{
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://myLdapServer:389/dc=myDomain,dc=com");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, "cn=directory manager");
env.put(Context.SECURITY_CREDENTIALS, "password");
/*
Whether the old RDN attribute values are to be retained
as attributes of the entry, or deleted from the entry
*/
env.put("java.naming.ldap.deleteRDN", "true"); // default is 'true'
try {
/* Create the initial context */
DirContext ctx = new InitialDirContext(env);
ctx.rename("cn=John Smith,ou=Sales,ou=People",
"cn=John Cougar Smith,ou=Sales,ou=People");
/* Close the context when it's done */
ctx.close();
} catch (Exception e) {
e.printStackTrace();
}
}
}
>
> On 12/04/2006 07:03:04 PM eLDAP wrote:
While ModifyRDN refering to LDAP V2, ModifyDn refers to LDAP V3. Here is an excertp from RFC 2251:
4.9. Modify DN Operation
The Modify DN Operation allows a client to change the leftmost (least
significant) component of the name of an entry in the directory, or
to move a subtree of entries to a new location in the directory. The
Modify DN Request is defined as follows:
ModifyDNRequest ::= [APPLICATION 12] SEQUENCE {
entry LDAPDN,
newrdn RelativeLDAPDN,
deleteoldrdn BOOLEAN,
newSuperior [0] LDAPDN OPTIONAL }
Parameters of the Modify DN Request are:
- entry: the Distinguished Name of the entry to be changed. This
entry may or may not have subordinate entries.
- newrdn: the RDN that will form the leftmost component of the new
name of the entry.
- deleteoldrdn: a boolean parameter that controls whether the old RDN
attribute values are to be retained as attributes of the entry, or
deleted from the entry.
- newSuperior: if present, this is the Distinguished Name of the entry
which becomes the immediate superior of the existing entry.
The result of the name change attempted by the server upon receipt of
a Modify DN Request is returned in the Modify DN Response, defined
as follows:
ModifyDNResponse ::= [APPLICATION 13] LDAPResult
Upon receipt of a ModifyDNRequest, a server will attempt to
perform the name change. The result of the name change attempt will
be returned to the client in the Modify DN Response.
For example, if the entry named in the "entry" parameter was
"cn=John Smith,c=US", the newrdn parameter was "cn=John Cougar Smith",
and the newSuperior parameter was absent, then this operation would
attempt to rename the entry to be "cn=John Cougar Smith,c=US". If
there was already an entry with that name, the operation would fail
with error code entryAlreadyExists.
If the deleteoldrdn parameter is TRUE, the values forming the old
RDN are deleted from the entry. If the deleteoldrdn parameter is
FALSE, the values forming the old RDN will be retained as
non-distinguished attribute values of the entry. The server may
not perform the operation and return an error code if the setting of
the deleteoldrdn parameter would cause a schema inconsistency in the
entry.
Note that X.500 restricts the ModifyDN operation to only affect
entries that are contained within a single server. If the LDAP
server is mapped onto DAP, then this restriction will apply, and the
resultCode affectsMultipleDSAs will be returned if this error
occurred. In general clients MUST NOT expect to be able to perform
arbitrary movements of entries and subtrees between servers.
References:
|
|
|
|
