[Date Prev][Date Next] [Chronological] [Thread] [Top]

models: about using the directory

To: ietf-ldapbis@OpenLDAP.org
Subject: models: about using the directory
From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
Date: Sat, 20 Dec 2003 20:42:24 +0100

I have the impression that [Models] is supposed to be read first
among the LDAP documents.  Is that correct?

If so, I think it is unfortunate that [Models] is completely
static:  It describes the directory, but not how it can be used.
I suggest something like this is added as section 1.* - or after
2.1, except that doesn't fit the name of section 2:

  <Section.Subsection>.  Using the directory

    Using the LDAP protocol [Protocol], a client may among other
    things:

    - optionally authenticate to the LDAP server,
    - search for and retrieve entries in the directory,
    - add, modify, move and delete entries in the directory,
    - administer the directory,
    - encrypt the LDAP session. 

    A search operation specifies among other things

    - a filter which says what to search for,
    - a base object: the entry at which the search should start,
    - where to search from there: only the base object itself, its
      immediate subordinate entries, or a subtree of entries with
      its root at the base object.

    There is no separate read operation.  A base object search with
    a filter which always succeeds can be used for this purpose.

    Servers may refer clients to other servers for operations on
    entries that are not held or mastered by the original server.

I included some detail about searches because searches, filteres
and base objects are referred to several places in [Models], which
may be easier to understand after reading this text.

-- 
Hallvard

Prev by Date: Re: Protocol: control specifications.
Next by Date: Re: Protocol: Unbind
Index(es):
- Chronological
- Thread