[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: [ldapext] [Fwd: LDAP C API gripes]

To: idra@samba.org
Subject: Re: [ldapext] [Fwd: LDAP C API gripes]
From: Michael B Allen <mba2000@ioplex.com>
Date: Wed, 21 Feb 2007 15:11:29 -0500
Cc: ldapext@ietf.org
In-reply-to: <1172084828.11482.53.camel@localhost.localdomain>
References: <45D251C0.2050306@highlandsun.com> <45DC6997.5020906@highlandsun.com> <1172073139.11482.11.camel@localhost.localdomain> <45DC6CCF.6060100@highlandsun.com> <1172074277.11482.17.camel@localhost.localdomain> <20070221125226.3e54fb9e.mba2000@ioplex.com> <45DC9414.7010706@sys-net.it> <1172084828.11482.53.camel@localhost.localdomain>

On Wed, 21 Feb 2007 14:07:08 -0500
simo <idra@samba.org> wrote:

> On Wed, 2007-02-21 at 19:48 +0100, Pierangelo Masarati wrote:
> > Michael B Allen wrote:
> > 
> > 
> > > As for retrieving the schema from the server at runtime, we did not do
> > > that. Not just for performance reasons but more so because there is no
> > > standard way to retrieve that information, it is awkward to do so or
> > > you cannot do it at all (e.g. RootDSE attributes in AD have no schema
> > > definitions).
> > 
> > 
> > There __is__ a standard way, it's described in RFC4512 secton 4.4; the
> > fact that some implementors don't comply with it, or do not populate
> > values as indicated in the standard is a totally different business.
> 
> Last I checked AD supported subschemaSubentry, I don't think that
> changed overnight. I can't say the same of the std openLdap installation
> you find on many distributions out there :)

Actually I'm wrong. Last time I looked at this I didn't think ADs
subSchemaSubEntry had all of the necessary information. But looking at
it again it apparently does. I think I was orignally concerned about not
being able to filter by name. But an installer could download and store
the defs for the library to load locally at runtime. I think that would
perform pretty well especially if they were hash indexed by name.

> I am not sure to what attributes Michael refer, but I guess that even if
> they are not defined they can be easily hard coded eventually.

The RootDSE attributes are not listed in subSchemaSubEntry or
CN=Schema,CN=Configuration,DC=X under AD. Not sure why. I think it has
something to do with bootstrapping the DIT.

Mike

-- 
Michael B Allen
PHP Active Directory SSO
http://www.ioplex.com/

_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext

References:
- [ldapext] [Fwd: LDAP C API gripes]
  - From: Howard Chu <hyc@highlandsun.com>
- Re: [ldapext] [Fwd: LDAP C API gripes]
  - From: Howard Chu <hyc@highlandsun.com>
- Re: [ldapext] [Fwd: LDAP C API gripes]
  - From: simo <idra@samba.org>
- Re: [ldapext] [Fwd: LDAP C API gripes]
  - From: Howard Chu <hyc@highlandsun.com>
- Re: [ldapext] [Fwd: LDAP C API gripes]
  - From: simo <idra@samba.org>
- Re: [ldapext] [Fwd: LDAP C API gripes]
  - From: Michael B Allen <mba2000@ioplex.com>
- Re: [ldapext] [Fwd: LDAP C API gripes]
  - From: Pierangelo Masarati <ando@sys-net.it>
- Re: [ldapext] [Fwd: LDAP C API gripes]
  - From: simo <idra@samba.org>

Prev by Date: Re: [ldapext] Dynamic group draft
Next by Date: Re: [ldapext] Dynamic group draft
Index(es):
- Chronological
- Thread