For search operations, once the base object has been found and deter-
mined not to contain a ref attribute, the search may progress. Any
entries matching the filter and scope of the search that do NOT contain
a ref attribute are returned to the client normally as described in
[RFC2251]. Any entries matching the filter and one level scope that
do
contain a ref attribute must be returned as referrals as described
here.
##########
Normally referral entries will not match the
given filter. Should the last
line be something else ? And instead
of 'returned as referrals' should it be
returned as 'continuation references ?
Similar comment on '5.1.1.4. Search with subtree scope'.
Some other comments:
1. I think this document does not describe how 'attributes' and 'filter'
fields
in the LDAP URI should be handled, particularly
in case of search
operations.
2. If the DN part in the LDAP URI is different from the DN of the referral
object then the referral behaves like an alias too.
Is that good/OK ?
3. How about if 'ref' attribute only has LDAP host and port and in case
of onelevel and subtree search operations DN of
the referral object
should be appended (and '??base' in case of onelevel
search) by the
server ? Do we lose lot of functionality with
this simplification ?
sanjay
Internet-Drafts@ietf.org wrote:
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the LDAP Extension Working Group of the IETF.Title : Named Referrals in LDAP Directories
Author(s) : C. Lukas, T. Howes, M. Roszkowski, M. Smith, M. Wahl
Filename : draft-ietf-ldapext-namedref-00.txt
Pages : 13
Date : 09-Jun-99This document defines a 'ref' attribute and associated 'referral' object
class for representing generic knowledge information in LDAP directories
[RFC2251]. The attribute uses URIs [RFC1738] to represent knowledge,
enabling LDAP and non-LDAP services alike to be referenced. The object
class can be used to construct entries in an LDAP directory containing
references to other directories or services. This document also defines
procedures directory servers should follow when supporting these schema
elements and when responding to requests for which the directory server
does not contain the requested object but may contain some knowledge of
the location of the requested object.A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-ldapext-namedref-00.txtInternet-Drafts are also available by anonymous FTP. Login with the username
"anonymous" and a password of your e-mail address. After logging in,
type "cd internet-drafts" and then
"get draft-ietf-ldapext-namedref-00.txt".A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txtInternet-Drafts can also be obtained by e-mail.
Send a message to:
mailserv@ietf.org.
In the body type:
"FILE /internet-drafts/draft-ietf-ldapext-namedref-00.txt".NOTE: The mail server at ietf.org can return the document in
MIME-encoded form by using the "mpack" utility. To use this
feature, insert the command "ENCODING mime" before the "FILE"
command. To decode the response(s), you will need "munpack" or
a MIME-compliant mail reader. Different MIME-compliant mail readers
exhibit different behavior, especially when dealing with
"multipart" MIME messages (i.e. documents which have been split
up into multiple messages), so check your local documentation on
how to manipulate these messages.
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.