[Date Prev][Date Next] [Chronological] [Thread] [Top]

Using referrals as a dynamic group mechanism?

To: OpenLDAP-software@OpenLDAP.org
Subject: Using referrals as a dynamic group mechanism?
From: Mads Freek <freek@ruc.dk>
Date: Sun, 28 Jul 2002 19:49:09 +0200
In-reply-to: <1.5.4.32.20020720074229.417928b0@pop.nerim.net>

I'm trying to use referrals as a poor mans dynamic group mechanism. I have this referral entry in my dit:

dn: cn=professors,ou=dgroups,dc=ruc,dc=dk
cn: professors
ref: ldap://127.0.0.1/ou=users,dc=ruc,dc=dk???(title=professor)
objectclass: referral
objectclass: extensibleObject

According to RFC 2251 (LDAPv3) section 4.1.11. Referral (page 18 bottom and page 19 top):

If the filter part of the URL is present in an LDAPURL, the
client MUST use this filter in its next request to progress
this search, and if it is not present the client MUST use
the same filter as it used for that search.

Ie the filter present in the ref url must be used when chasing the referral (and referrals mechanism can be used as a dynamic group mechanism. Ignoring for the moment the problem of getting the url to point to the present server in a generic way). But ldapsearch ignores it and uses the "original" search filter.

Have I misunderstood the spec or doesn't ldapsearch (using libldap) work according to it?

Regards Mads Freek

------------------------------------------------------
Mads Freek Petersen
Computer Science Department
Roskilde University
Building 42-1, P.O. Box 260, DK-4000 Roskilde, Denmark

Phone:  +45 4674 3882
Fax:    +45 4674 3072
E-mail: freek@ruc.dk

References:
- ldapmodify - deletion of related attributes
  - From: Gerard Patel <gerard.patel@nerim.net>

Prev by Date: Re: OpenLDAP 2.1.3 and Berkeley DB 4.0.14
Next by Date: Re: OpenLDAP 2.1.3 and Berkeley DB 4.0.14
Index(es):
- Chronological
- Thread