directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Seelmann <seelm...@apache.org>
Subject Re: Referrals and RDN
Date Fri, 15 Aug 2008 06:06:16 GMT
Hi Emmanuel,

IMO you are absolutely right (if I correctly understand RFC4512):

----------------------------------------------------------------------
2.3.1.  Relative Distinguished Names

   Each entry is named relative to its immediate superior.  This
   relative name, known as its Relative Distinguished Name (RDN)
   [X.501], is composed of an unordered set of one or more attribute
   value assertions (AVA) consisting of an attribute description with
   zero options and an attribute value.  *These AVAs are chosen to match
   attribute values (each a distinguished value) of the entry*.
----------------------------------------------------------------------

Stefan


Emmanuel Lecharny wrote:
> Hi,
> 
> just a question : even if an entry contains the extensibleObject and
> referral objectClass with a ref attribute, we still expect the RDN to be
> one of the existing attribute in the entry, aren't we ?
> 
> For instance, the following entry is invalid :
> 
> dn: ou=RemoteUsers,ou=system
> objectClass: top
> objectClass: referral
> objectClass: extensibleObject
> ref: ldap://fermi:10389/ou=users,ou=system
> ref: ldap://hertz:10389/ou=users,dc=example,dc=com
> ref: ldap://maxwell:10389/ou=users,ou=system
> 
> when the following one is valid :
> 
> dn: ou=RemoteUsers,ou=system
> objectClass: top
> objectClass: referral
> objectClass: extensibleObject
> ref: ldap://fermi:10389/ou=users,ou=system
> ref: ldap://hertz:10389/ou=users,dc=example,dc=com
> ref: ldap://maxwell:10389/ou=users,ou=system
> ou: RemoteUsers
> 
> (the 'ou' attribute exists in the second entry, not in the first one)
> 
> Thanks !
> 


Mime
View raw message