Who care if there have to be complex DIT, the basedn already told us where to write,
This is a over-simplifying assumption. Not true on many corporate directories.
what to be worry is did you have the right to write that LDAP addressbook :)
Let me summarize the issues again:
- DIT issues when adding new entries
- access control (very complex server-side issue)
- multi-valued attributes (there's currently not even good support for reading them)
- schema issues require complex client configuration (mozillaPerson is not the way to go in most corporate directories)
One could imagine that functionality is added which solely allows to modify an existing entry. This would make it possible to use Mozilla for user self-service with a corporate directory and avoid the bigger issues with DIT and schema. Still smarter handling of multi-valued attributes is needed.
Make one AB for read and one AB for write.
???
| Write/Update each attribute individually so you only get an error | message for those fields you can't update/add.
Agree.
This sacrifies the atomicity of the LDAP write operation.
Ciao, Michael.
