Full_Name: Mark Whitehouse Version: 2.0.6 OS: RH Linux 6.2 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (24.0.41.53) Enhancement request: Extend the ManageDsaIT control to be able to handle multiple namingContext's. When adding entries into a server with multiple namingContext's it is sometimes necessary to be able to specify the namingContext for which the add should be applied. A particular example using referrals is taken from the OpenLDAP newsgroup: At 08:59 AM 10/2/00 -0700, Mark Whitehouse wrote: >> >>Assume I have multiple namingContexts on one server i.e. >> >> database ldbm >> suffix "ou=people,dc=foo,dc=com" >> directory /var/ldbm/foo-people >> index objectclass eq >> >> database ldbm >> suffix "ou=devices,dc=foo,dc=com" >> directory /var/ldbm/foo-devices >> index objectclass eq >> >> database ldbm >> suffix "dc=foo,dc=com" >> directory /var/ldbm/foo >> index objectclass eq >> >>How do I create the referrals in the third namingContext, which refer the >>entries in the first and second. I need to be able to add the following >>referral entries to the third naming context: >> >> dn: ou=devices,dc=foo,dc=com >> ou: devices >> ref: ldap://localhost/ou=devices,dc=foo,dc=com >> objectclass: referral >> objectclass: extensibleObject >> >> dn: ou=people,dc=foo,dc=com >> ou: devices >> ref: ldap://localhost/ou=people,dc=foo,dc=com >> objectclass: referral >> objectclass: extensibleObject >> >>However, as far as I can see there is no way to specify a namingContext to >>use when performing an ldapadd operation. Kurt D. Zeilenga replies: >The easiest way to do this is to bring up slapd with only the >one suffix "dc=foo,dc=com", add the two referral objects, >and then restart the server with the full configuration. > >This really should be handled by our ManageDsaIT code, but >isn't (yet).
moved from Incoming to Software Enhancements
changed notes changed state Open to Test
changed notes changed state Test to Release
Thanks. Yes I will test. Do you have any information on how the enhancement works from the LDAP C API? i.e. how do I specify that I want an LDAP operation to apply to a particular namingContext... -----Original Message----- From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org] Sent: Monday, October 30, 2000 3:12 PM To: markwhitehouse@home.com Subject: Re: ManageDsaIT and multiple namingContexts (ITS#851) HEAD and OPENLDAP_REL_ENG_2 both contain code which provides improved ManageDsaIt handling. Please test. At 04:33 PM 10/20/00 +0000, you wrote: >Full_Name: Mark Whitehouse >Version: 2.0.6 >OS: RH Linux 6.2 >URL: ftp://ftp.openldap.org/incoming/ >Submission from: (NULL) (24.0.41.53) > > >Enhancement request: > Extend the ManageDsaIT control to be able to handle multiple namingContext's. > >When adding entries into a server with multiple namingContext's it is sometimes >necessary to be able to specify the namingContext for which the add should be >applied. A particular example using referrals is taken from the OpenLDAP >newsgroup: > >At 08:59 AM 10/2/00 -0700, Mark Whitehouse wrote: > >>> >>>Assume I have multiple namingContexts on one server i.e. >>> >>> database ldbm >>> suffix "ou=people,dc=foo,dc=com" >>> directory /var/ldbm/foo-people >>> index objectclass eq >>> >>> database ldbm >>> suffix "ou=devices,dc=foo,dc=com" >>> directory /var/ldbm/foo-devices >>> index objectclass eq >>> >>> database ldbm >>> suffix "dc=foo,dc=com" >>> directory /var/ldbm/foo >>> index objectclass eq >>> >>>How do I create the referrals in the third namingContext, which refer the >>>entries in the first and second. I need to be able to add the following >>>referral entries to the third naming context: >>> >>> dn: ou=devices,dc=foo,dc=com >>> ou: devices >>> ref: ldap://localhost/ou=devices,dc=foo,dc=com >>> objectclass: referral >>> objectclass: extensibleObject >>> >>> dn: ou=people,dc=foo,dc=com >>> ou: devices >>> ref: ldap://localhost/ou=people,dc=foo,dc=com >>> objectclass: referral >>> objectclass: extensibleObject >>> >>>However, as far as I can see there is no way to specify a namingContext to >>>use when performing an ldapadd operation. > >Kurt D. Zeilenga replies: > >>The easiest way to do this is to bring up slapd with only the >>one suffix "dc=foo,dc=com", add the two referral objects, >>and then restart the server with the full configuration. >> >>This really should be handled by our ManageDsaIT code, but >>isn't (yet).
At 08:03 PM 10/31/00 +0000, markwhitehouse@home.com wrote: >Thanks. Yes I will test. Do you have any information on how the >enhancement works from the LDAP C API? The enhancement is that OpenLDAP's manageDSAit support is more consistent with the specification (which is "a work in progress"). The changes are server side, no C API changes needed. >i.e. how do I specify that I want an >LDAP operation to apply to a particular namingContext... You don't. Like before, you specify that the operation manages the DSA information tree. If the requested DN is at the root of a context and the server holds a subordinate context, the server processes the operation in the subordinate context. Kurt
changed notes changed state Release to Closed
Just got around to testing this today (sorry for the delay)... I installed 2.0.7 and I still can't add a referral when multiple namingContext's are active. I have attached a tar file with an example slapd.conf and a couple of scripts to illustrate the problem. After copying the slapd.conf file and creating the db dirs (/var/ldbm/foo, /var/ldbm/foo-people, /var/ldbm/foo-devices) run: > ./addinit.bat > ./addref.bat Although the results of the addref.bat script indicate that an entry has been added, it is nowhere to be found in the directory. Looking at the DB dirs it looks like the entry has been added to the foo-people db. Mark --- Kurt@OpenLDAP.org wrote: > At 08:03 PM 10/31/00 +0000, markwhitehouse@home.com wrote: > >Thanks. Yes I will test. Do you have any information on how the > >enhancement works from the LDAP C API? > > The enhancement is that OpenLDAP's manageDSAit support is more > consistent with the specification (which is "a work in progress"). > The changes are server side, no C API changes needed. > > >i.e. how do I specify that I want an > >LDAP operation to apply to a particular namingContext... > > You don't. Like before, you specify that the operation manages > the DSA information tree. If the requested DN is at the root > of a context and the server holds a subordinate context, the > server processes the operation in the subordinate context. > > Kurt > > > > __________________________________________________ Do You Yahoo!? Yahoo! Shopping - Thousands of Stores. Millions of Products. http://shopping.yahoo.com/
available in HEAD avallable in re20