[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Maximum uidNumber (posix / ldap).

To: openldap-technical@openldap.org
Subject: Re: Maximum uidNumber (posix / ldap).
From: Emmanuel Lecharny <elecharny@apache.org>
Date: Tue, 07 Jul 2009 23:27:04 +0200
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:sender:message-id:date:from :user-agent:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; bh=l6cvY4DEOTSJB8EhS+UbQakIiF3r2TeJT80AwEoiBw0=; b=vow3AXXdWMU+l68b6HfcTKukoPG+Pzb26gWaL9Cinjy6IfU8ZK1CmxzWeMNz7oRPsM zNENuiJpaYRzLArZF8qvp2tBiAYIW5DQHEppZkEQlvTHBMczORDq+WqXMwQR7u1u1N9K oqoWzxLhFJX0ROL5j5NNreDZYukdkKdp63TYs=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:message-id:date:from:user-agent:mime-version:to:subject :references:in-reply-to:content-type:content-transfer-encoding; b=XU1wjq/ZxHCHGY6rRlVwaddJ5tJ6NzSMy7MtBgoSjwYGN+1Mtf8MtwAn1vrztYANHc J2KQzjSMu2/fUWoap4k1nMFehVU56vYAs5obmNVbqKWFN3nfzhxytkgRf1IzPRKBdQMw T26jn+SEbmjyTABljhwZ+XEwtojaBABUxYPWU=
In-reply-to: <de57b12c0907071327u53e7f937lee857da3b91fa000@mail.gmail.com>
References: <de57b12c0907071327u53e7f937lee857da3b91fa000@mail.gmail.com>
User-agent: Thunderbird 2.0.0.22 (X11/20090608)

Alejandro Leyva wrote:

Hi all, we are looking at the maximum uidNumber, we need to know the
maximum allowed uidNumber for LDAP / POSIX accounts.

The schema definition for uidNumber says that it is defined with
syntax 1.3.6.1.4.1.1466.115.121.1.27, which is an LDAP number /
integer, in http://www.zytrax.com/books/ldap/apa/types.html#numbers
the range is defined as 2,147,483,648 to 2,147,483,647, did somebody
know if  this range is common to LDAP and POSIX? Could we have a user
with uidNumber 2,147,483,646 without any problem?

Thanks in advance.

No limit, per RFC 4517,  chap. 3.3.16 :

3.3.16.  Integer

  A value of the Integer syntax is a whole number of *unlimited
  magnitude*.  The LDAP-specific encoding of a value of this syntax is
  the optionally signed decimal digit character string representation
  of the number (for example, the number 1321 is represented by the
  character string "1321").  The encoding is defined by the following
  ABNF:

     Integer = ( HYPHEN LDIGIT *DIGIT ) / number

  The <HYPHEN>, <LDIGIT>, <DIGIT>, and <number> rules are defined in
  [RFC4512].

  The LDAP definition for the Integer syntax is:

     ( 1.3.6.1.4.1.1466.115.121.1.27 DESC 'INTEGER' )

  This syntax corresponds to the INTEGER ASN.1 type from [ASN.1].



Now, check that against your favorite LDAP server.

Hope it helps...


--
--
cordialement, regards,
Emmanuel Lécharny
www.iktek.com
directory.apache.org

Follow-Ups:
- Re: Maximum uidNumber (posix / ldap).
  - From: Alejandro Leyva <alex.leyva@gmail.com>

References:
- Maximum uidNumber (posix / ldap).
  - From: Alejandro Leyva <alex.leyva@gmail.com>

Prev by Date: Re: LDAP Access controls
Next by Date: Re: Maximum uidNumber (posix / ldap).
Index(es):
- Chronological
- Thread