LDAP ModifyRDN Operation

Subject: LDAP ModifyRDN Operation
Author: eLDAP
Posted on: 12/04/2006 07:03:04 PM

While ModifyRDN refering to LDAP V2, ModifyDn refers to LDAP V3. Here is an excertp from RFC 2251:

4.9. Modify DN Operation

   The Modify DN Operation allows a client to change the leftmost (least
   significant) component of the name of an entry in the directory, or
   to move a subtree of entries to a new location in the directory.  The
   Modify DN Request is defined as follows:

        ModifyDNRequest ::= [APPLICATION 12] SEQUENCE {
                entry           LDAPDN,
                newrdn          RelativeLDAPDN,
                deleteoldrdn    BOOLEAN,
                newSuperior     [0] LDAPDN OPTIONAL }

   Parameters of the Modify DN Request are:

   - entry: the Distinguished Name of the entry to be changed.  This
     entry may or may not have subordinate entries.

   - newrdn: the RDN that will form the leftmost component of the new
     name of the entry.

   - deleteoldrdn: a boolean parameter that controls whether the old RDN
     attribute values are to be retained as attributes of the entry, or
     deleted from the entry.

   - newSuperior: if present, this is the Distinguished Name of the entry
     which becomes the immediate superior of the existing entry.

   The result of the name change attempted by the server upon receipt of
   a Modify DN Request is returned in the Modify DN Response, defined
   as follows:

        ModifyDNResponse ::= [APPLICATION 13] LDAPResult

   Upon receipt of a ModifyDNRequest, a server will attempt to
   perform the name change. The result of the name change attempt will
   be returned to the client in the Modify DN Response.

   For example, if the entry named in the "entry" parameter was
   "cn=John Smith,c=US", the newrdn parameter was "cn=John Cougar Smith",
   and the newSuperior parameter was absent, then this operation would
   attempt to rename the entry to be "cn=John Cougar Smith,c=US".  If
   there was already an entry with that name, the operation would fail
   with error code entryAlreadyExists.

   If the deleteoldrdn parameter is TRUE, the values forming the old
   RDN are deleted from the entry.  If the deleteoldrdn parameter is
   FALSE, the values forming the old RDN will be retained as
   non-distinguished attribute values of the entry.  The server may
   not perform the operation and return an error code if the setting of
   the deleteoldrdn parameter would cause a schema inconsistency in the
   entry.

   Note that X.500 restricts the ModifyDN operation to only affect
   entries that are contained within a single server.  If the LDAP
   server is mapped onto DAP, then this restriction will apply, and the
   resultCode affectsMultipleDSAs will be returned if this error
   occurred.  In general clients MUST NOT expect to be able to perform
   arbitrary movements of entries and subtrees between servers.

Replies:

A JNDI CLient eLDAP 12/04/2006 07:17:10 PM
Error 1 -- AD doesn't support 'deleteoldrdn' eLDAP 12/04/2006 07:33:12 PM
Error 2 -- entryAlreadyExists eLDAP 12/04/2006 07:43:33 PM
Error 3 -- Not Allowed On Non-leaf Node eLDAP 12/04/2006 08:07:24 PM
Error 4 -- not support moving of entries eLDAP 12/04/2006 08:15:56 PM
Observations eLDAP 12/04/2006 08:33:04 PM
Line Command of LDAP ModiyRDN eLDAP 12/04/2006 08:39:32 PM
Changelog format of LDAP ModifyRDN eLDAP 12/08/2006 01:56:54 PM

References:

Next Post: A JNDI CLient eLDAP 12/04/2006 07:17:10 PM
Previous Post: Examples SteveHB 11/27/2006 08:18:57 PM
Next Topic: UserAccountControl VS NsAccountLock eLDAP 12/28/2006 08:11:58 PM
Previous Topic: Special Characters in DN -- RFC-1779,2253,4514 SteveHB 11/27/2006 08:10:08 PM
Index: by Date
Index: by Topic