[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: aliased bases

To: Robert Streich <streich@austin.apc.slb.com>
Subject: Re: aliased bases
From: Ludovic Poitou - Sun Microsystems <Ludovic.Poitou@France.Sun.COM>
Date: Mon, 19 Oct 1998 09:58:43 +0200 (MET DST)
Cc: Will.Ballantyne@gems1.gov.bc.ca, OpenLDAP-devel@openldap.org
In-reply-to: "Your message with ID" <199810170526.AAA16050@flame.austin.apc.slb.com>

Hi All,

In April, we submitted a internet draft on the use of aliases within LDAP.
                             Use of Aliases within LDAP
                          <draft-byrne-ldap-alias-00.txt>

You can find it at :

http://www.ietf.org/internet-drafts/draft-byrne-ldap-alias-00.txt

There was very little discussion about it. But comment are welcome.


Ludovic Poitou.
Sun Microsystems.


> > Hi Robert,  I have not seen any RFC specifications for aliases in LDAP. 
> Maybe you can > let me know which RFCs they are.
> 
> They get a brief mention in a few places in the v2 and v3 RFCs, but the
> alias objectclass is described in RFC-2256. I haven't seen the '96
> version of X.521, but the '93 version gave the alias objectclass an
> attribute of aliasedEntryName, which is also the name in Alvestrand's
> OID database. The RFC, however, uses aliasedObjectName.
> 
> >   The way the DNs are composed and looked at in the openLDAP source is quite primitive
> > and does not currently involve looking at all the components in the parentage of the
> > DN.  That is, there is no traversal up the DIT to see if any of the parents is an
> > alias.  Without that you cannot use one entry to alias another for the suffix.
> > 
> >   Doing the walk up the DIT should not be too bad although that might cause havoc with
> > some of the backends.  I know that some of them do not define all the entries that
> > would be required for the DIT, they emulate them using attributes from the children, so
> > what happens if it hits a blank?  The suffix alias solution still seems like a good one
> > to me although I may look into doing the DIT walk.
> 
> I think that the dereferencing might best be done in the backend code
> rather than in the next level up. I took a few minutes to look at the
> code tonight and it looks like the best place to add it for the ldbm
> backend is where there is a test to see if dn2entry() fails. dn2entry()
> walks up the DIT to see what portion of the DN it can match and writes
> it into a buffer that gets passed in the call. If you added a function
> to test if the "returned" DN was an alias, you could continue by swapping
> out the value of aliasedObjectName with the "alias" portion of the
> original DN.
> 
> I need to have aliases in my DIT, so I'm going to give this a try.
> Unfortunately, the v2 RFC only specifies how aliases are to be
> dealt with when searching and modifying. It doesn't mention anything
> in add, delete, etc. Any ideas?
> 
> As a general question: Is the openLDAP source headed towards v3? Should
> I just be looking at the v3 RFCs?
> 
> If you're interested in continuing this thread, I suppose we ought to
> move it to the "devel" list, eh? Feedback would be nice, expecially
> from anyone who has dug into this code before.
> 
> bob
> 
> 
> Robert Streich			streich@slb.com
> Schlumberger			512-331-3318 (voice)
> Austin Research			512-331-3760 (fax)

Follow-Ups:
- Re: aliased bases
  - From: Will Ballantyne <Will.Ballantyne@gems1.gov.bc.ca>

References:
- Re: aliased bases
  - From: Robert Streich <streich@austin.apc.slb.com>

Prev by Date: Re: aliased bases
Next by Date: Re: aliased bases
Index(es):
- Chronological
- Thread