Modifying backend...

[asr@ufl.edu]

What are the appropriate functions to use to e.g. get a particular attribute
from an entry -from within a backend- ?  


In our current production LDAP, we're running a custom authentication I hacked
into the back-ldbm.  I pull the username out of the DN, because it happens to
be there.  (don't ask. ;)

We're re-arranging a lot of things in LDAP land now, and one of them is that
our DNs will no longer be

cn=foo, o=University of Florida, c=US

where foo is the userid.

Instead (probably) it'll be be

uuid=000000000, dc=ufl, dc=edu

where the UUID is a Universally Unique ID that is not the SSN.

Anyone who'd like to, please comment on wether this sounds like a dumb idea.
The UUID is our new sorta-object-code for people across campus, and is the
only thing that won't be changing.  It seemed reasonable to make it part of
the DN.  I'd anticipate moving that to the dnComponent suggested by the I2
middleware group if that gets accepted, but nothing else I've got is unique.



So, if I'm attempting to authenticate, I can locate the record, but the userid
is no longer present in the DN, so I have to get an attribute.

I've been digging through the back-end code and am pretty sure that I can get
what I want from attr_find. Unfortunately all of the criteria and return
values appear to be special BERish constructs. I haven't had much luck
searching for the right helper functions to e.g. generate an
AttributeDescription that means "use the attribute named 'uid'".  I can
construct one by hand, but that seems like I'd be doing it the stupid way.

Can anyone point me at the right chunk of documentation or source that would
make the tools available to do this more clear?

I've looked some at the other backends, and they seem to use lower-level
functions to glean data, so should I really be doing LDBM calls and parsing
the contents by hand?  Ugh.

If someone has a clue bat, I can take one on the chin. :) 


- Allen S. Rout