[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Named Referrals Questions.

To: d.w.chadwick@iti.salford.ac.uk, ietf-ldapext@netscape.com
Subject: Re: Named Referrals Questions.
From: Christopher Lukas <lukas@cs.wisc.edu>
Date: Thu, 29 Jul 1999 08:44:03 -0500
Organization: Internet Scout Project, University of Wisconsin-Madison
References: <E119bDY-0007dI-00@neodymium.btinternet.com>
Resent-date: Thu, 29 Jul 1999 06:44:22 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"z48z7D.A.cpB.rqFo3"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

David,

I think one reason we're having confusion here is that some people (you
as well) are viewing LDAP from an X.500 perspective and others (me) are
viewing it from an LDAP perspective. By that I mean that I have only
briefly looked through the X.500 spec and was dismayed at the complexity
so I have all of my directory knowledge from LDAP documents with a few
references to the X.500 spec. 

That being said, I see in your online X.500 book (which is very nice)
where you are getting these various names or types of entries. There
seems to be a list of types for DSEs. This is new to me because they
don't seem to be discussed in the LDAP protocol documents I have read.

However, I think I now understand what you mean by glue DSE, but am not
clear on how these types of entries live in LDAP. I think we have
created, in our slapd-based LDAP system, what essentially is a glue DSE.
For various reasons, we actually have our entire DIT from the root down
to the part that actually has data replicated across our distributed
servers. Since we only have a 2-level tree, this amounts to having the
root entry of our DIT replicated across all the servers, but I believe
it may be a glue DSE in some sense. The reason it's there is so that a
search starting at the root will work on any server without having to
send a referral to a mythical central server that actually holds the
root entry of the DIT. Because the servers are connected with what you
call cross references, I believe, there is no need (or desire) to have a
central server that actually has that entry.

But I still think we may be having problems that are coming from the
X.500 <-> LDAP server/gateway interaction as opposed to the LDAP
server/gateway <-> LDAP client. In your example below, since there don't
seem to be "glue DSEs" defined in LDAP, I don't understand what you
mean. 

Thanks.

- Chris

David Chadwick wrote:
> 
> >   If a client requests an operation for which the base or target object is
> > not held by the server,
> >
> >   1. Remove the leftmost attribute/value pair from the DN.
> >   2. If the remaining DN is empty - stop and proceed with superior
> > reference from the root DSE.
> >   3. If the remaining DN represents a locally held object that contains a
> > ref attribute - stop and process referral.
> >   4. If the remaining DN represents a locally held object that does not
> > contain a ref attribute - stop and return "no such object" result.
> 
> Not quite correct I think. Try this insertion:
> 
> 4. If the remaining DN represents a glue DSE continue with step 1.
> 
> e.g. I request A,B,C,D and the server holds X,C,D as a cross
> reference, C as a glue DSE and D as a glue or another cross
> reference then I should be refered to either D or the superior
> reference.
> 
> David

-- 
------------------------
Christopher E. Lukas
Internet Scout Project 
http://scout.cs.wisc.edu

Follow-Ups:
- Re: Named Referrals Questions.
  - From: David Chadwick <D.W.Chadwick@ITI.salford.ac.uk>

References:
- Re: Named Referrals Questions.
  - From: David Chadwick <d.w.chadwick@salford.ac.uk>

Prev by Date: Re: Named Referrals Questions.
Next by Date: LDAP Profile Definitions
Index(es):
- Chronological
- Thread