Re: How to make OpenLDAP use random (v4) UUIDs in entryUUID attribute
On Fri, May 31, 2013 at 1:55 AM, Michael Ströder <michael@stroeder.com> wrote:
> Hmm, what do you mean with "same semantics"?
I mean it's a globally-unique identifier that gets minted once per
("physical") entry (i.e. if you deleted the DN and put it back, it
would have a different [GU]UID). But as long as the entry exists,
it will be associated with that identifier.
> In both servers the objectGUID in MS AD and entryUUID in OpenLDAP are created
> by the server when adding an entry. The LDAP syntax differs (OctetString vs.
> UUID). But you should carefully think about the implications converting AD's
> objectGUID to OpenLDAP's entryUUID though!
No interest (per se) in doing so; my interest is actually to borrow
the identifiers for RDF subjects (urn:uuid:…) so the contents can be
mapped back and forth between RDF statements and LDAP entries. I
considered just using LDAP URIs but keeping track of DN changes would
be a nightmare.
> During the Novell->OpenLDAP migration we decided to migrate the
> GUID->entryUUID because of the requirement to correctly sync the data also in
> the case entries were renamed.
So yes, my interest is more similar to this.
> If you need a persistent common primary key between AD and OpenLDAP you should
> rather think about syncing AD's objectSID and take care of the SID history
> after using AD domain migration tool.
I will definitely keep this in mind. Thanks!
--
Dorian Taylor
http://doriantaylor.com/
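
An added example, not part of the original thread: mapping both identifier forms discussed above to `urn:uuid:` subjects with Python's standard `uuid` module, and reporting what a version 1 (time-based) UUID reveals compared with a random version 4 one. The function names and sample values are constructed for illustration; the objectGUID decoding assumes Microsoft's GUID byte layout, in which the first three fields are little-endian.

```python
import uuid
from datetime import datetime, timedelta, timezone

# Version 1 timestamps count 100 ns ticks from the start of the Gregorian calendar.
_UUID_EPOCH = datetime(1582, 10, 15, tzinfo=timezone.utc)


def from_entry_uuid(value: str) -> uuid.UUID:
    """entryUUID uses the UUID syntax: the canonical 36-character string."""
    return uuid.UUID(value)


def from_object_guid(raw: bytes) -> uuid.UUID:
    """objectGUID is a 16-byte OctetString with little-endian leading fields."""
    if len(raw) != 16:
        raise ValueError("objectGUID must be exactly 16 bytes")
    return uuid.UUID(bytes_le=raw)


def describe(u: uuid.UUID) -> dict:
    """Return the RDF subject URN plus whatever the UUID itself discloses."""
    info = {"urn": u.urn, "version": u.version}
    if u.version == 1:
        # Time-based UUIDs embed the minting time and a 48-bit node id
        # (often a MAC address), so they are not opaque identifiers.
        info["minted"] = _UUID_EPOCH + timedelta(microseconds=u.time // 10)
        info["node"] = f"{u.node:012x}"
    return info


# Constructed sample values (not taken from any real directory).
SAMPLE_ENTRY_UUID = "2f1c9a40-c9a3-11e2-8b8b-0800200c9a66"
SAMPLE_OBJECT_GUID = bytes.fromhex("e004253f894fd3419a0c0305e82c3301")

if __name__ == "__main__":
    print(describe(from_entry_uuid(SAMPLE_ENTRY_UUID)))
    print(describe(from_object_guid(SAMPLE_OBJECT_GUID)))
    # Reading the same octets big-endian yields a different, wrong identifier.
    print(uuid.UUID(bytes=SAMPLE_OBJECT_GUID).urn)
```

Decoding the octets with the wrong byte order produces a syntactically valid UUID that matches no entry, so a round-trip check against a known entry is worth running before any bulk mapping.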