[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#5305) Contribware: Two overlays for implementing NESTED dynamic groups
Full_Name: Jose Marco de la Rosa
Version: 2.3.39
OS: Kubuntu 7.10
URL: ftp://ftp.openldap.org/incoming/Jose-Marco-de-la-Rosa-nestedAggregateAttr-080103.tgz
Submission from: (NULL) (80.25.122.131)
Two overlays that implement dynamic group classes defined with URL attributes
and allowing nesting.
- The first one is an extension of th overlay expandURL but allowing nesting
- The second one changes the way groups are constructed in a more powerful way
Examples of functioning follow for each version and are included in the
overlays
code archives (.c)
The tarball Jose-Marco-de-la-Rosa-nestedAggregateAttr-080103.tgz was uploaded
to openldap's server and it includes a webpage with further detail in the
implementation and configuration of the overlay.
Code files are appropriately linked in the web page mentioned (all is included
in the tarball: there are no external references in the webpage).
Both search and compare operations were implemented
I hope you like it...
#######################################################
First overlay: nestedAggregateAttrDN:
* SYNTAX:
*
* In slapd.conf :
* overlay nestedAggregateAttrDN
* nestedAggregateAttrDN <objectClass> <source-attribute>
<destination-attribute> [[<maximum-depth>] <TTL>]
* Where:
* <objectClass> specifies the class that should expand.
* <source-attribute> establishes the attribute that contains information
* about other entries where to gather destination attribute values
from.
* <destination-attribute> establishes the attribute that should present
all the gathered values.
* <maximum-depth> establishes the maximum nesting depth level. If not
specified, it defaults
* to 0 which means no nesting is allowed (not even one level).
* <TTL> establishes the maximum time allowed to serve the query. You
should take into account that:
* If different TTLs are set for the different configurations the
minimum
* will be used for all configurations.
* The TTL affects ALL searches done when the overlay is active and
not only
* those related to the configured clases.
*
*
* EXAMPLE:
*
* NOTE: you will probably need/want to define some attributes and classes in
your schema
* example.schema:
* -------------------
* objectIdentifier YOUR_ENTERPRISE_Root 1.3.6.1.4.1.<somenumber>
* objectIdentifier YOUR_ENTERPRISE_LDAP YOUR_ENTERPRISE_Root:3
* objectIdentifier YOUR_ENTERPRISE_LDAPattributeType YOUR_ENTERPRISE_LDAP:1
* objectIdentifier YOUR_ENTERPRISE_LDAPobjectClass YOUR_ENTERPRISE_LDAP:2
*
* # Attribute type for new classes
*
* attributetype ( YOUR_ENTERPRISE_LDAPattributeType:1
* NAME 'subgroupDN'
* DESC 'DN of a aggregable entry'
* SUP distinguishedName )
*
* # Classes for using overlay nestedAggregateAttrDN
*
* objectclass ( YOUR_ENTERPRISE_LDAPobjectClass:1
* NAME 'subgroupedDNGroup'
* DESC 'Sample class for nestedAggregateAttrDN (experimental purpose)'
* SUP top STRUCTURAL
* MUST cn
* MAY ( member $ subgroupDN $ cn $ ou $ o $ description ) )
*
*
* slapd.conf:
* -------------------
* overlay nestedAggregateAttrDN
* # Configure class: subgroupedDNGroup
* # Source attribute: subgroupDN
* # Aggregated attribute: member
* # Max depth in nesting: 4
* # TTL: 5 sec
* nestedAggregateAttrDN subgroupedDNGroup subgroupDN member 4 5
*
*
* ldif:
* -------------------
*
* # Static1
* dn: cn=Static1,dc=test
* cn: Static1
* objectClass: groupOfNames
* member: cn=person1,dc=test
* member: cn=person2,dc=test
*
* # Static2
* dn: cn=Static2,dc=test
* cn: Static2
* objectClass: groupOfNames
* member: cn=person3,dc=test
* member: cn=person4,dc=test
*
* # SubgroupedLevel1
* dn: cn=SubgroupedLevel1,dc=test
* cn: SubgroupedLevel1
* objectClass: subgroupedDNGroup
* subgroupDN: cn=Static1,dc=test
*
* # SubgroupedLevel2
* dn: cn=SubgroupedLevel2,dc=test
* cn: SubgroupedLevel2
* objectClass: subgroupedDNGroup
* subgroupDN: cn=SubgroupedLevel1,dc=test
* subgroupDN: cn=Static2,dc=test
*
*
* -------------------
*
* ldapsearch -x -b "SubgroupedLevel2,dc=test" will return
*
* # SubgroupedLevel2
* dn: cn=SubgroupedLevel2,dc=test
* cn: SubgroupedLevel2
* objectClass: subgroupedDNGroup
* subgroupDN: cn=SubgroupedLevel1,dc=test
* subgroupDN: cn=Static2,dc=test
* member: cn=person1,dc=test
* member: cn=person2,dc=test
* member: cn=person3,dc=test
* member: cn=person4,dc=test
*
*
* IMPORTANT: this overlay conflicts with nestedAggregateAttrURL.
* if both are active, some searches don't behave as expacted!
* Specifically, if you turn both overlays on and search for
* 'entries with member=<some member value>' won't work properly
* for one of the overlays (the firstly activated one)
*/
#######################################################
Second overlay: nestedAggregateAttrURL:
* SYNTAX:
*
* In slapd.conf :
* overlay nestedAggregateAttrURL
* nestedAggregateAttrURL <objectClass> <source-attribute>
<destination-attribute> [[<maximum-depth>] <TTL>]
* Where:
* <objectClass> specifies the class that should expand.
* <source-attribute> establishes the attribute that contains information
* about other entries where to gather destination attribute values
from.
* <destination-attribute> establishes the attribute that should present
all the gathered values.
* <maximum-depth> establishes the maximum nesting depth level. If not
specified, it defaults
* to 0 which means no nesting is allowed (not even one level).
* <TTL> establishes the maximum time allowed to serve the query. You
should take into account that:
* If different TTLs are set for the different configurations the
minimum
* will be used for all configurations.
* The TTL affects ALL searches done when the overlay is active and
not only
* those related to the configured clases.
*
*
* EXAMPLE:
*
* NOTE: you will probably need/want to define some attributes and classes in
your schema. You can use
* netscape's groupOfURLs, anyway...
* example.schema:
* -------------------
* objectIdentifier YOUR_ENTERPRISE_Root 1.3.6.1.4.1.<somenumber>
* objectIdentifier YOUR_ENTERPRISE_LDAP YOUR_ENTERPRISE_Root:3
* objectIdentifier YOUR_ENTERPRISE_LDAPattributeType YOUR_ENTERPRISE_LDAP:1
* objectIdentifier YOUR_ENTERPRISE_LDAPobjectClass YOUR_ENTERPRISE_LDAP:2
*
* # Attribute type for new classes
*
* attributetype ( YOUR_ENTERPRISE_LDAPattributeType:1
* NAME 'subgroupURL'
* DESC 'URL to search for aggregable entries'
* SUP labeledURI )
*
* # Classes for using overlay nestedAggregateAttrURL
*
* objectclass ( YOUR_ENTERPRISE_LDAPobjectClass:1
* NAME 'subgroupedURLGroup'
* DESC 'Sample class for nestedAggregateAttrURL (experimental purpose)'
* SUP top STRUCTURAL
* MUST cn
* MAY ( member $ subgroupURL $ cn $ ou $ o $ description ) )
*
* attributetype ( IAVANTE_LDAPattributeType:2
* NAME 'subgroupURL'
* DESC 'Identifies an URL containing a search for names of subgroups.'
* SUP labeledURI )
*
*
* slapd.conf:
* -------------------
* overlay nestedAggregateAttrURL
* # Configure class: subgroupedURLGroup
* # Source attribute: memberURL
* # Aggregated attribute: member
* # Max depth in nesting: 4
* # TTL: 5 sec
* nestedAggregateAttrURL subgroupedURLGroup subgroupURL member 4 5
*
*
* ldif:
* -------------------
*
* # Static1
* dn: cn=Static1,dc=test
* cn: Static1
* objectClass: groupOfNames
* member: cn=person1,dc=test
* member: cn=person2,dc=test
*
* # Static2
* dn: cn=Static2,dc=test
* cn: Static2
* objectClass: groupOfNames
* member: cn=person3,dc=test
* member: cn=person4,dc=test
*
* # SubgroupedLevel1
* dn: cn=SubgroupedLevel1,dc=test
* cn: SubgroupedLevel1
* objectClass: subgroupedURLGroup
* subgroupURL: ldap:///dc=test??one?(cn=Static*)
*
* # SubgroupedLevel2
* dn: cn=SubgroupedLevel2,dc=test
* cn: SubgroupedLevel2
* objectClass: subgroupedURLGroup
* subgroupURL: ldap:///cn=SubgroupedLevel1,dc=test
*
*
* -------------------
*
* ldapsearch -x -b "SubgroupedLevel2,dc=test" will return
*
* # SubgroupedLevel2
* dn: cn=SubgroupedLevel2,dc=test
* cn: SubgroupedLevel2
* objectClass: subgroupedURLGroup
* subgroupURL: ldap:///cn=SubgroupedLevel1,dc=test
* member: cn=person1,dc=test
* member: cn=person2,dc=test
* member: cn=person3,dc=test
* member: cn=person4,dc=test
*
* IMPORTANT: this overlay conflicts with nestedAggregateAttrDN.
* if both are active, some searches don't behave as expacted!
* Specifically, if you turn both overlays on and search for
* 'entries with member=<some member value>' won't work properly
* for one of the overlays (the firstly activated one)
*
*/