[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Alias dereferencing in non-search operations

To: Jim Sermersheim <JIMSE@novell.com>
Subject: Re: Alias dereferencing in non-search operations
From: Mark Wahl <M.Wahl@INNOSOFT.COM>
Date: Sat, 07 Aug 1999 15:17:02 -0500
Cc: ietf-ldapext@netscape.com
In-reply-to: "Your message of Fri, 06 Aug 1999 19:12:41 MDT." <s7ab3406.009@prv-mail20.provo.novell.com>
Resent-date: Sat, 07 Aug 1999 13:18:20 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"cM5iU.A.aPC._RJr3"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

> In X.500 this applies to all operations, not just search. In LDAP, there 
> doesn't seem to be a prescribed default behavior when resolving the name 
> specified in operations like BindRequest, ModifyRequest, DelRequest, etc.

Yes it is.  It is defined in 2251 section 4.8 second paragraph, 
section 4.7 first bullet item, and section 4.6 first bullet item for Delete,
Modify and Add.    For the others we left it to X.500 through 2251 section 
3.3, to minimize the amount of retyping we have to do to produce the RFC.

In particular the behavior for Bind is defined in X.511, where it states that 
the target DN must be the name of an object entry (and therefore not an alias).

> Many times aliases are created as a shortcut so that a user's DN isn't so 
> long. In this case, one would want to bind using the alias and have the 
> server automatically dereference.

That is not a required server behavior however as it would put it in 
contradiction with RFC 2251 3.3 first paragraph second sentence.

Mark Wahl, Directory Product Architect
Innosoft International, Inc.

References:
- Alias dereferencing in non-search operations
  - From: Jim Sermersheim <JIMSE@novell.com>

Prev by Date: Nested SearchRequests
Next by Date: Re: Nested SearchRequests
Index(es):
- Chronological
- Thread