[Date Prev][Date Next] [Chronological] [Thread] [Top]

aliased bases

To: "'OpenLDAP Development'" <OpenLDAP-devel@openldap.org>
Subject: aliased bases
From: Will Ballantyne <Will.Ballantyne@gems1.gov.bc.ca>
Date: Tue, 13 Oct 1998 20:43:15 +0000

I've put together some code to allow for the aliasing of search bases in
the openldap package.  The code is only implemented for the search
capability but I will add it to the add/mod/del etc. as time permits.

This comes about from the puzzle of how to support the various standards
for the composition of DNs.  Specifically how the choice of a base could
be made to fit the various standards for later integration in the name
spaces defined by the various authorities.

For example, in the X.500 structure we have the name "o=Government of
British Columbia,c=CA".  While we are phasing out X.500, we will likely
continue to provide access through some form of DAP/DSP to LDAP bridge.
RFC2377 recommends using the dc components, so we would have
"dc=gov,dc=bc,dc=ca".  The base aliasing allows the ldap server to
receive and respond to both correctly and we don't need to worry too
much about which we choose internally.  Subparts can also be aliased in
this way.

I would like to apply enhancements we make here back to the original
distribution.  Please let me know the best way to provide the code and
whether this enhancement would be useful to others.  Also, I would be
very curious as to what others are doing to the following three areas:

    bound access control, especially object based access control.
    host based access control
    chaining and replication

Thanks.

--
Will Ballantyne     GEMS Technical Architect
mailto:Will.Ballantyne@gems1.gov.bc.ca

Prev by Date: FW: Multiple master LDAP servers
Next by Date: Re: aliased bases
Index(es):
- Chronological
- Thread