Lightweight Directory Access Protocol (LDAP) Modify-Increment Extension
RFC 4525

Document Type RFC - Informational (June 2006; No errata)
Was draft-zeilenga-ldap-incr (individual in app area)
Last updated 2013-03-02
Stream IETF
Formats plain text pdf html
Stream WG state (None)
Consensus Unknown
Document shepherd No shepherd assigned
IESG IESG state RFC 4525 (Informational)
Telechat date
Responsible AD Ted Hardie
Send notices to kurt@openLDAP.org
Network Working Group                                        K. Zeilenga
Request for Comments: 4525                           OpenLDAP Foundation
Category: Informational                                        June 2006

              Lightweight Directory Access Protocol (LDAP)
                       Modify-Increment Extension

Status of This Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2006).

Abstract

   This document describes an extension to the Lightweight Directory
   Access Protocol (LDAP) Modify operation to support an increment
   capability.  This extension is useful in provisioning applications,
   especially when combined with the assertion control and/or the pre-
   read or post-read control extension.

Table of Contents

   1. Background and Intended Use .....................................1
   2. The Modify-Increment Extension ..................................2
   3. LDIF Support ....................................................2
   4. Security Considerations .........................................3
   5. IANA Considerations .............................................3
      5.1. Object Identifier ..........................................3
      5.2. LDAP Protocol Mechanism ....................................3
      5.3. LDAP Protocol Mechanism ....................................4
   6. References ......................................................4
      6.1. Normative References .......................................4
      6.2. Informative References .....................................5

1.  Background and Intended Use

   The Lightweight Directory Access Protocol (LDAP) [RFC4510] does not
   currently provide an operation to increment values of an attribute.
   A client must read the values of the attribute and then modify those
   values to increment them by the desired amount.  As the values may be
   updated by other clients between this add and modify, the client must

Zeilenga                     Informational                      [Page 1]
RFC 4525            LDAP Modify-Increment Extension            June 2006

   be careful to construct the modify request so that it fails in this
   case, and upon failure, to re-read the values and construct a new
   modify request.

   This document extends the LDAP Modify Operation [RFC4511] to support
   an increment values capability.  This feature is intended to be used
   with either the LDAP pre-read or post-read control extensions
   [RFC4527].  This feature may also be used with the LDAP assertion
   control extension [RFC4528] to provide test-and-increment
   functionality.

   In this document key words "MUST", "MUST NOT", "REQUIRED", "SHALL",
   "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and
   "OPTIONAL" are to be interpreted as described in BCP 14 [RFC2119].

2.  The Modify-Increment Extension

   This document extends the LDAP Modify request to support a increment
   values capability.  Implementations of this extension SHALL support
   an additional ModifyRequest operation enumeration value increment
   (3), as described herein.  Implementations not supporting this
   extension will treat this value as they would an unlisted value,
   e.g., as a protocol error.

   The increment (3) operation value specifies that an increment values
   modification is requested.  All existing values of the modification
   attribute are to be incremented by the listed value.  The
   modification attribute must be appropriate for the request (e.g., it
   must have INTEGER or other increment-able values), and the
   modification must provide one and only one value.  If the attribute
   is not appropriate for the request, a constraintViolation or other
   appropriate error is to be returned.  If multiple values are
   provided, a protocolError is to be returned.

   Servers supporting this feature SHOULD publish the object identifier
   (OID) 1.3.6.1.1.14  as a value of the 'supportedFeatures' [RFC4512]
   attribute in the root DSE.  Clients supporting this feature SHOULD
   NOT use the feature unless they know the server supports it.

3. LDIF Support

   To represent Modify-Increment requests in LDAP Data Interchange
   Format [RFC2849], the ABNF [RFC4234] production <mod-spec> is
   extended as follows:

       mod-spec =/ "increment:" FILL AttributeDescription SEP
            attrval-spec "-" SEP

Zeilenga                     Informational                      [Page 2]
Show full document text