directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lécharny <elecha...@gmail.com>
Subject Re: [VOTE] Apache LDAP API 1.0.0-M32 release
Date Mon, 19 Oct 2015 00:23:34 GMT
Le 18/10/15 19:18, Radovan Semancik a écrit :
> Hi,
>
> There is one more thing. I have just realized that API has Active
> Directory DirSync control, but we do not have "Deleted" control
> (1.2.840.113556.1.4.417). The AD sync is not very useful without this
> control. 

There are many controls (and extended operations) that AD supports and
we don't :

Controls :
----------

LDAP_PAGED_RESULT_OID_STRING            1.2.840.113556.1.4.319    Supported
LDAP_SERVER_SHOW_DELETED_OID            1.2.840.113556.1.4.417    Not
supported
LDAP_SERVER_SORT_OID                    1.2.840.113556.1.4.473    Supported
LDAP_SERVER_RESP_SORT_OID               1.2.840.113556.1.4.474    Supported
LDAP_SERVER_CROSSDOM_MOVE_TARGET_OID    1.2.840.113556.1.4.521    Not
supported
LDAP_SERVER_NOTIFICATION_OID            1.2.840.113556.1.4.528    Not
supported
LDAP_SERVER_EXTENDED_DN_OID             1.2.840.113556.1.4.529    Not
supported
LDAP_SERVER_LAZY_COMMIT_OID             1.2.840.113556.1.4.619    Not
supported
LDAP_SERVER_SD_FLAGS_OID                1.2.840.113556.1.4.801    Not
supported
LDAP_SERVER_RANGE_OPTION_OID            1.2.840.113556.1.4.802    Not
supported
LDAP_SERVER_TREE_DELETE_OID             1.2.840.113556.1.4.805    supported
LDAP_SERVER_DIRSYNC_OID                 1.2.840.113556.1.4.841    Supported
LDAP_SERVER_GET_STATS_OID               1.2.840.113556.1.4.970    Not
supported
LDAP_SERVER_VERIFY_NAME_OID             1.2.840.113556.1.4.1338   Not
supported
LDAP_SERVER_DOMAIN_SCOPE_OID            1.2.840.113556.1.4.1339   Not
supported
LDAP_SERVER_SEARCH_OPTIONS_OID          1.2.840.113556.1.4.1340   Not
supported
LDAP_SERVER_RODC_DCPROMO_OID            1.2.840.113556.1.4.1341   Not
supported
LDAP_SERVER_PERMISSIVE_MODIFY_OID       1.2.840.113556.1.4.1413   Not
supported
LDAP_SERVER_ASQ_OID                     1.2.840.113556.1.4.1504   Not
supported
LDAP_SERVER_QUOTA_CONTROL_OID           1.2.840.113556.1.4.1852   Not
supported
LDAP_SERVER_SHUTDOWN_NOTIFY_OID         1.2.840.113556.1.4.1907   Not
supported
LDAP_SERVER_RANGE_RETRIEVAL_NOERR_OID   1.2.840.113556.1.4.1948   Not
supported
LDAP_SERVER_FORCE_UPDATE_OID            1.2.840.113556.1.4.1974   Not
supported
LDAP_SERVER_DN_INPUT_OID                1.2.840.113556.1.4.2026   Not
supported
LDAP_SERVER_SHOW_RECYCLED_OID           1.2.840.113556.1.4.2064   Not
supported
LDAP_SERVER_SHOW_DEACTIVATED_LINK_OID   1.2.840.113556.1.4.2065   Not
supported
LDAP_SERVER_POLICY_HINTS_DEPRECATED_OID 1.2.840.113556.1.4.2066   Not
supported
LDAP_SERVER_DIRSYNC_EX_OID              1.2.840.113556.1.4.2090   Not
supported
LDAP_SERVER_TREE_DELETE_EX_OID          1.2.840.113556.1.4.2204   Not
supported
LDAP_SERVER_UPDATE_STATS_OID            1.2.840.113556.1.4.2205   Not
supported
LDAP_SERVER_SEARCH_HINTS_OID            1.2.840.113556.1.4.2206   Not
supported
LDAP_SERVER_EXPECTED_ENTRY_COUNT_OID    1.2.840.113556.1.4.2211   Not
supported
LDAP_SERVER_POLICY_HINTS_OID            1.2.840.113556.1.4.2239   Not
supported
LDAP_SERVER_SET_OWNER_OID               1.2.840.113556.1.4.2255   Not
supported
LDAP_SERVER_BYPASS_QUOTA_OID            1.2.840.113556.1.4.2256   Not
supported
LDAP_SERVER_LINK_TTL_OID                1.2.840.113556.1.4.2309   Not
supported
LDAP_CONTROL_VLVREQUEST                 2.16.840.1.113730.3.4.9   Supported
LDAP_CONTROL_VLVRESPONSE                2.16.840.1.113730.3.4.10  Supported

Extended operations :
---------------------

LDAP_SERVER_FAST_BIND_OID        1.2.840.113556.1.4.1781     Not supported
LDAP_SERVER_BATCH_REQUEST_OID    1.2.840.113556.1.4.2212     Not supported
LDAP_TTL_REFRESH_OID             1.3.6.1.4.1.1466.101.119.1  Not supported
LDAP_SERVER_START_TLS_OID        1.3.6.1.4.1.1466.20037      Supported
LDAP_SERVER_WHO_AM_I_OID         1.3.6.1.4.1.4203.1.11.3     Supported


As you can see, we do support 7 out of 38 controls, and 2 out of 5
extended operations M$ AD supports.

> The implementation should be very easy and I can do that during
> Monday. Do you think it is OK to do that now (before 1.0.0-M32
> release)? Or should I wait after the release?

I think we can wait for another release, that may come quite quickly (I
have myself some additional fixes for the LdifAnonymizer). The rationnal
is that this release is quite critical due to the changes made in the
way we handle the schema, and I'd like to have it out as is.

Regarding the missing controls/extOps, here is what I would suggest : we
could spend some time implementing a batch of the missing AD elements,
and cut a release as soon as it's done. For controls, it's not
necessarily complex, it's just a bit time consuming (especially the
tests). The only part I'm not sure of is which ones should we include
and which ones should we ignore. I suspect we should go to the full
extent and make the API as complete as possible...

Thoughts ?



Mime
View raw message