
Antw: Re: Is existing documentation kind of vague?



>>> MJ J <mikedotjackson@gmail.com> wrote on 14.11.2017 at 20:36 in
message
<CANCEyfNNs0CC-KxBV4kS3v3QRLFROKsp4BueMQrhOzxgZ1drwQ@mail.gmail.com>:
> Hi,
> 
> You don't need a special object class or schema, you can use this:
> 
> dn: cn=user,ou=increment,dc=foo,dc=bar
> objectClass: top
> objectClass: account
> objectClass: posixAccount
> cn: user
> gidNumber: 99999
> homeDirectory: /no/such/location
> uid: user
> uidNumber: 1000
> description: Modify-increment user
> 
> 
> And here is a python method to do the job for you:
> 
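> import ldap
> 
> def increment_uidnumber(l, base):
>     """Perform LDAP modify-increment operation on uidNumber tracking object."""
>     # Increment uidNumber on the tracking entry by 1; the value is passed
>     # as bytes so it also works on python-ldap 3.x
>     modlist = [(ldap.MOD_INCREMENT, "uidNumber", b"1")]
>     l.modify_s("cn=user,{0}".format(base), modlist)
>     # Read the new value back with a separate search
>     r = l.search_s(base, ldap.SCOPE_SUBTREE, "(objectClass=posixAccount)",
>                    ['uidNumber'])
>     next_number = r[0][1]['uidNumber'][0]
> 
>     return next_number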

Out of curiosity: How does it play with concurrency on different multi-master
nodes? Is there a chance to assign the same number multiple times?

Regards,
Ulrich

> 
> 
> Hope that helps,
> Mike
> 
> On Tue, Nov 14, 2017 at 9:13 PM, John Lewis <jl@hyperbolicinnovation.com> 
> wrote:
>> Hello Everyone.
>>
>> I was trying to implement uidNumber Attribute Auto-Incrementing Method
>> and I read http://www.rexconsulting.net/ldap-protocol-uidNumber.html .
>>
>> I specifically want to point to this line here.
>>
>>> Create a “uidNext” entry (objectClass: uidNext) at a specific
>>> location in the directory to store the incrementing value. Publish
>>> this location in your application programming guides as the
>>> well-known location for obtaining the next UID. Also publish this method
>>> as the required method to retrieve a next UID.
>>
>> But I already know from http://www.openldap.org/doc/admin23/schema.html
>> & http://www.zytrax.com/books/ldap/ch3/ that object classes are
>> defined only. So the writer left out that they defined a schema and
>> what name they called the schema. Maybe it isn't important. What is
>> important is that they used object class "objectclass (
>> 1.3.6.1.4.1.19173.2.2.2.8" to define it, but I can't find the
>> registration of the object identifier on
>> https://www.ldap.com/ldap-oid-reference or
>> https://www.iana.org/assignments/ldap-parameters/ldap-parameters.xhtml#ldap-parameters-3.
>>
>> It makes perfect sense because it is a PRIVATE ENTERPRISE NUMBER. It
>> would mean that anyone outside of Rex Consulting, Inc.
>> https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers
>> would be using the wrong OID and that the specific object wouldn't be listed.
>>
>>> Under no circumstances should you hijack OID namespace!
>> - OpenLDAP Software 2.4 Administrator's Guide
>>
>> That is a lot of data from a lot of different websites to string
>> together that information. I have a good idea how to implement
>> uidNumber, but I haven't seen it done and I can't do it CORRECT today
>> because I would have to register for a Private Enterprise Number so I
>> won't hijack an OID namespace and that would take up to 30 days and
>> there is no documented contingency plan anywhere.
>>
>> We are all familiar with the LDAP call out articles that come out
>> every year. All of the articles seem to come from a place of
>> frustration. To be fair I think call out articles are a trend with
>> databases.
>>
>> Do you think existing documentation is kind of vague?
>>
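
The function quoted above increments uidNumber and then reads it back with a separate search, so two callers can interleave between the two steps. The following added example (not code from the thread) models that on a single server with a constructed in-memory entry, next to a variant where the incremented value is returned by the same operation, which is what combining modify-increment with the post-read control (RFC 4527) provides. All class and function names are hypothetical, and replication between multi-master nodes is not modelled.

```python
# Added illustration: an in-memory model, not python-ldap and not a real server.
import threading


class TrackingEntry:
    """Constructed stand-in for the cn=user tracking entry on ONE server."""

    def __init__(self, uid_number):
        self._uid_number = uid_number
        self._lock = threading.Lock()  # each single operation is applied atomically

    def modify_increment(self, by=1):
        """Model of the modify-increment; returns no value, like modify_s."""
        with self._lock:
            self._uid_number += by

    def search(self):
        """Model of the separate search_s that reads uidNumber back."""
        with self._lock:
            return self._uid_number

    def modify_increment_post_read(self, by=1):
        """Model of increment plus post-read: one operation returns the new value."""
        with self._lock:
            self._uid_number += by
            return self._uid_number


def two_step_interleaved(entry):
    """Clients A and B each increment, then search; both modifies land first."""
    entry.modify_increment()   # A: modify
    entry.modify_increment()   # B: modify
    a = entry.search()         # A: search
    b = entry.search()         # B: search
    return a, b


def single_operation(entry, clients=8, per_client=200):
    """Concurrent clients that take the number from the increment itself."""
    results, guard = [], threading.Lock()

    def worker():
        for _ in range(per_client):
            n = entry.modify_increment_post_read()
            with guard:
                results.append(n)

    threads = [threading.Thread(target=worker) for _ in range(clients)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return results
```

Starting from 1000, the interleaved two-step run hands 1002 to both clients and never hands out 1001, while the single-operation run returns every number exactly once.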