Full_Name: Pierangelo Masarati Version: HEAD OS: irrelevant URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (81.72.89.40) Submitted by: ando Back-meta allows to glue together remote hosts that serve overlapping naming contexts; for instance, one may glue two servers that both serve "dc=example,dc=com". Note that in this case, a violation of the LDAP data model occurs because two different bits of information cannot have the same DN and be part of the same distributed DSA. However, there might be need for this feature whenever the administrator of back-meta can ensure, by different means, that the data model is otherwise preserved. Again an example: suppose target 0 serves "dc=example,dc=com" and only provides the context entry and the "ou=People" tree, while target 1 serves "dc=example,dc=com" and only provides the context entry and some trees including "ou=Groups", "ou=Admin" and so. The back-meta administrator may want to glue the context entry from target 0 and the forest of target 1, excluding the context entry from the latter. Currently, this cannot be done; but there would be a simple way to do it by providing each target a scope modifier in addition to the currently provided base modifier. For instance: database meta suffix dc=example,dc=com uri ldap://target0/dc=example,dc=com uri ldap://target1/dc=example,dc=com would return two instances of the "dc=example,dc=com" entry; the suggested enhancement would allow database meta suffix dc=example,dc=com uri ldap://target0/dc=example,dc=com uri ldap://target1/dc=example,dc=com??subordinate so target 1 would be serving namingContext "dc=example,dc=com" but only for requests __below__ it. The use of the URI directive to specify targets also suggests more enhancements (that are out of scope for this ITS); e.g. the possibility to limit the attributes back-meta will be accessing, or the possibility to specify additional filters and so. p.
moved from Incoming to Development
changed notes
> The use of the URI directive to specify targets also suggests more > enhancements > (that are out of scope for this ITS); e.g. the possibility to limit the > attributes back-meta will be accessing, or the possibility to specify > additional > filters and so. On a related note, back-meta and back-ldap could benefit from this latter enhancement: the (optional) filter could be asserted via the assertion control <draft-zeilenga-ldap-assert>, and/or ANDed to regular search filters for search operations; the (optional) attrlist could be used to control what attributes can be read/written. p. -- Pierangelo Masarati mailto:pierangelo.masarati@sys-net.it SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497
moved from Development to Software Enhancements
changed notes changed state Open to Test
changed notes changed state Test to Release
changed notes changed state Release to Closed
>> The use of the URI directive to specify targets also suggests more >> enhancements >> (that are out of scope for this ITS); e.g. the possibility to limit the >> attributes back-meta will be accessing, or the possibility to specify >> additional >> filters and so. > > On a related note, back-meta and back-ldap could benefit from this latter > enhancement: the (optional) filter could be asserted via the assertion > control <draft-zeilenga-ldap-assert>, and/or ANDed to regular search > filters for search operations; the (optional) attrlist could be used to > control what attributes can be read/written. Of course, the addition of an assertion control would conflict with client-requested assertions; in this specific case, the client-requested assertion could be decoded, augmented by the proxy's: sprintf("(&%s%s)", proxy, client) and re-encoded. p. Ing. Pierangelo Masarati Responsabile Open Solution OpenLDAP Core Team SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ------------------------------------------ Office: +39.02.23998309 Mobile: +39.333.4963172 Email: pierangelo.masarati@sys-net.it ------------------------------------------
moved from Software Enhancements to Archive.Software Enhancements
back-meta; may be useful in back-ldap "scope" portion implemented in HEAD/re23