[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Returning Matched Values with LDAPv3
Send reply to: "David A. Cahlander" <david.a.cahlander@syntegra.com>
From: "David A. Cahlander" <david.a.cahlander@syntegra.com>
> I think that I now understand your answer to the question about the
> operation of example (2). The attribute filter:
>
> ((attributeTypes=1.2.3.4.5))
>
> should return the same results as
>
> ((attributeTypes=gunk))
>
> since the right hand side of the "attributeTypes=" needs to go through
> some string to OID conversion. This conversion would return the same
> results for both filter values.
I also now see where you are coming from, and I agree that it is an
improvement to the ID to add the facility for the user to present the
string of the schema element rather than its OID.
This does require a change somewhere in the LDAP specs to say
that schema names and OIDs can be used interchangably in the
protocol. I am not sure where this change should go, but will ask
Mark to comment on this.
Were you wanting the following example to go into the ID, or are
you happy with the attribute example being enough
David
>
> In particular, this produces a very useful operation for a client.
>
> The user creates an LDAP search operation with a baseObject set to
> cn=subschema subentry, o=myorg, a scope of base, a filter set to
> (objectClass=subschema), the list of attributes to be returned set to
> "objectClasses", and the ValuesReturnFilter set to
> ((objectClasses=inetOrgPerson))
>
> The search result returned by the server would consist of the
> following entry:
>
> dn: cn=subschema subentry, o=myorg
> objectClasses: ( 2.16.840.1.113730.3.2.2
> NAME 'inetOrgPerson'
> SUP organizationalPerson
> STRUCTURAL
> MAY (
> audio $ businessCategory $ carLicense $ departmentNumber $
> displayName $ employeeNumber $ employeeType $ givenName $
> homePhone $ homePostalAddress $ initials $ jpegPhoto $
> labeledURI $ mail $ manager $ mobile $ o $ pager $ photo $
> roomNumber $ secretary $ uid $ userCertificate $
> x500uniqueIdentifier $ preferredLanguage $
> userSMIMECertificate $ userPKCS12
> )
> )
>
> Thanks.
> ---
> David Cahlander David.A.Cahlander@syntegra.com 651-415-3171
>
>
>
***************************************************
David Chadwick
IS Institute, University of Salford, Salford M5 4WT
Tel +44 161 295 5351 Fax +44 161 745 8169
Mobile +44 790 167 0359
Email D.W.Chadwick@salford.ac.uk
Home Page http://www.salford.ac.uk/its024/chadwick.htm
Understanding X.500 http://www.salford.ac.uk/its024/X500.htm
X.500/LDAP Seminars http://www.salford.ac.uk/its024/seminars.htm
Entrust key validation string MLJ9-DU5T-HV8J
***************************************************