[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE:referrals question








> When using an LDAP URL, all is well--there is a place for
> the DN to go. When not using an LDAP URL, there may not be
> a DN field

If a referral is generated due to derefencing of an alias, then the
referral URL should be an LDAP URL.

Apurva



                                                                                                                                       
                      "Jim Sermersheim"                                                                                                
                      <jimse@novell.com        To:       Apurva Kumar/India/IBM@IBMIN                                                  
                      >                        cc:       <ietf-ldapbis@openldap.org>                                                   
                                               Subject:  RE:referrals question                                                         
                      09/03/03 07:17 PM                                                                                                
                                                                                                                                       
                                                                                                                                       



>>> Apurva Kumar <kapurva@in.ibm.com> 9/3/03 7:08:20 AM >>>
>Jim,
>
>> "If an alias was dereferenced, the <dn> part of the URL MUST
>> be present, with the new target object name". This assumes that
>> there is a <dn> part in the referral URL.
>
>Since an alias entry will contain an LDAP DN in its aliasedObjectName
>attribute (unlike referral attribute which might contain non LDAP URLs),
>the server will always have a <DN> part to return in the referral.
The point is not whether the server has a DN available, rather it has to do
with the format of the referral URL. When using an LDAP URL, all is
well--there is a place for the DN to go. When not using an LDAP URL, there
may not be a DN field. There are no guidelines in [Protocol] or anywhere
else that tell what fields are required in future referral URLs, nor can
any server know ahead of time how to modify any future referral URL in
order to inject a DN.

Jim