[Date Prev][Date Next]
RE: referrals for meta directory use
Hi Brett !
For "LDAP aliases" use the standard objectclass
BR / Antonio
P.S: Aliases are solved by the servers (the client must
request the way an alias must be treated in parameter
"derefAliases" in LDAP "searchRequest" message). Referrals
are solved by the client instead (i.e. when the server
finds a referral entry it is returned to the client ..
and it is the client the one to re-request the LDAP op.
the refererd entry). Aliases are ONLY valid for search ops
(for updates ops you need to "point" to the
rigt object, as aliases are ONLY dereferred when searching
!!!) but referrals can be used for any LDAP op.
I am looking to learn about meta directories using
ldap. So i am looking for a way to create a tree structure which wiull be
somewhat dynamic, that has referrals (or aliases - whatever is possible) to a
simpler structure in the same directory.
something like ("real" data
which does not change it's position the DIT)
then have a vutual structure (whick is both liable and likely to
ou=unit x (local referral to o=real, ou=unit x)
The intent is to have a
"virtual" tree structure that represents a dynamic representation of an
organisations's structure, that is presented to the real world, but have the
actual data stored in a simple, static structure to minimise configuration
this would provide an accurate representation of the shifting
organisational structure for presentation, but services which would be affected
by this frequently moving organisation structure (web or proxy authentication
etc.,) point to the static or "real" data so changes to the apparent
organisational structure do not affect critical system services.
thinking this could be implemented by referrals from the "dynamic" part of the
tree to the "static" part of the tree, but looking at the referral format it
seems to require a hostname, which would in this case be it's own
i would suspect that it is not proper? for one server to refer to
itself, but if it was, is there a syntax for a referral which does not require a
hostname (or a way to specify a localtion in the local DIT) in the "ref"
alternatively is there a native alias mechanism which several
other servers have, to graft (apparently for queries etc., not in reality) one
part of an openldap server's tree to another