I want to add a value to an already existing multi-value LDAP attribute (specifically the member attribute) and I am using Zend Framework 2 Zend/Ldap API.
It can easily be done by grabbing the actual value from the LAP server with ->getEntry(), modifying the resulting array with setAttribute() and writing the array back to the LDAP server with ->update(), all ZF2/Ldap functions.
Of course there is a but:
If I do it this way, it might happen that I write a very large array with thousands of entries to the LDAP server. Especially when writing the 'member' attribute to a GroupOfNames object, this may trigger the (in my case openldap's) memberof overlay and it starts to work (update? index?) on all of these thousands of entries.
In my case, I happen to run in a timeout. If I disable the memberof overlay in the openldap server, everything is fine. This might be an openldap bug or problem, but anyway, after this long foreplay, here is my question:
Basic php has a function ldap_mod_add() which adds just a single value to an existing attribute, no matter how many values there already are. CLI's ldapmodify works the same. This way I probably won't overload the memberof overlay.
How would I do something similar with the Zend/Ldap API?
Zend\Ldap\Attribute::setAttribute() knows how to append, but this only works on a local copied array. So how to append a value directly to the LDAP server entry?
