[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: reducing information duplication

To: openldap-software@openldap.org
Subject: Re: reducing information duplication
From: Guillaume Rousse <Guillaume.Rousse@inria.fr>
Date: Fri, 26 Oct 2007 10:18:23 +0200
In-reply-to: <471E4466.4000007@inria.fr>
References: <471E4466.4000007@inria.fr>
User-agent: Thunderbird 2.0.0.6 (X11/20070914)

Guillaume Rousse a écrit :
> I've had a quick look at slapo-dynlist man page, it seems it could
> achieve it using 'see-also' attribute to refer to the group dn, and
> probably an additional schema to add 'secretary' and 'manager'
> attributes to my group entries (posixGroup + groupOfNames).
My first attempt was to automatically retrieve primary group (posix
semantics) name (cn attribute) at user level entry.

Reading the splapo-dynlist man page, I understood I had to add new
attributes derived from labeledURI to my user entries. Hence this test
schema:
attributetype ( 1.3.6.1.4.1.12559.11.1.1 NAME 'ouURL' SUP labeledURI )
objectclass ( 1.3.6.1.4.1.12559.11.2.1
        NAME 'futursPerson'
        DESC 'Personne Futurs'
        AUXILIARY
        MAY ( ouURL ) )

Next, I configured dynlist overlay:
overlay dynlist
dynlist-attrset futursPerson ouURL

Next, i added the following entry to one of my user entry:
ouURL:
ldap:///ou=futurs,ou=groups,dc=futurs,dc=inria,dc=fr?cn?sub?(gidNumber=
5029)

However, all my request for this entry get the unexpanded attribute
value, instead of its result.

Manually trying the request for the group cn gives the expected result
(I don't know if there is a way to test the URL directly, tough):
ldapsearch -x -h localhost -b
ou=futurs,ou=groups,dc=futurs,dc=inria,dc=fr -s sub gidNumber=5029 cn

Using the canonical exemple of slap-dynlist man page, with a groupOfURLs
group, works ok, so the overlay seems to be OK.

So, what's wrong here ?

Anyway, I'm doubtful I can really achieve what I'm looking for with this
method:
- I can only have dynamic value for new attributes, I can't masquerade
existing ones (ie: having URL stored in ouURL attribute expanded in ou
attribute)
- I can't refer to current entry values in the URL filter (ie: something as:
ldap:///ou=futurs,ou=groups,dc=futurs,dc=inria,dc=fr?cn?sub?(gidNumber=$self->{gidNumber})),
meaning information is duplicated anyway: if my user ever change of
gidNumber, i'll have to modify its ouURL value also.

I also had a quick look at slapo-rwm as an alternative, but it's a bit
complex to figure if it can be used here.
-- 
Guillaume Rousse
Moyens Informatiques - INRIA Futurs
Tel: 01 69 35 69 62

References:
- reducing information duplication
  - From: Guillaume Rousse <Guillaume.Rousse@inria.fr>

Prev by Date: Re: Replication Problem
Next by Date: Re: Replication Problem
Index(es):
- Chronological
- Thread