[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5919) URI syntaxe (ldap:///dc=my%2cdc=domaine)



philippe.eychart@informatique.gov.pf wrote:
> michael@stroeder.com wrote:
>> Such an extension would be feasible. But still I'm not sure whether this
>> distinction is needed. Although LDAP URL with empty hostport portion are
>> used internally (e.g. in ACLs) this IMHO does not affect
>> ldap_initialize(). Maybe I missed something. But before implementing a
>> patch this should be clarified.
> 
> Do you suggest that an empty hostport (as ldap_initialize() arg) could mean
> that a SRV search is needed ?
> But this will reduce the search in the default domain name, won't it ?
> So, how to produce a search in another specific domain name when wished ?
> Where (in the URI) to appoint the root ("dc=my,dc=domain") or the explicit
> domain name ("my.domain") for the search domain ?...
> 
> Secondarily, how to specify the present meaning "this LDAP server" if we use
> this empty hostport syntaxe for SRV seach ? (A SRV search could respond when
> the user think to request his local LDAP server ...)

OpenLDAP clients do the following:

	empty hostport, empty DN: localhost, default port

	empty hostport, non-empty DN: SRV

what might be missing IMHO is:

	use domain to specify SRV

however, I don't see any special need for it, as domain can always be 
put in DN form.

I don't know if there's need for a form that asks to use SRV to discover 
the server for the default SUFFIX.

In order to avoid issues, I recommend using something like

	x-dnssrv={<domain>|<DN>}

where <DN> is restricted to the domain component sequence form.

p.


Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
-----------------------------------
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Fax:     +39 0382 476497
Email:   ando@sys-net.it
-----------------------------------