[prev in list] [next in list] [prev in thread] [next in thread]
List: perl-ldap-dev
Subject: Re: LDAP data inheritance question
From: Christopher A Bongaarts <cab () tc ! umn ! edu>
Date: 2004-09-01 17:15:38
Message-ID: 20040901171538.GA27230 () earth ! tc ! umn ! edu
[Download RAW message or body]
Also, some directory servers may have support for "collective
attributes" where the inheritance occurs at the server level (so if a
leaf object does not have an attribute populated, the server will
return the nearest parent's value for it). In that case, you'd just
do a normal search.
In the immortal words of Graham Barr:
> On 1 Sep 2004, at 05:18, Jason Parsons wrote:
> >I have and LDAP tree set up like so (including only the relevant
> >parts):
> >
> >dn: ou=example,ou=accounts,dc=example,dc=com [ref 3]
> >someBooleanAttribute: FALSE
> >
> >dn: ou=example.com,ou=example,ou=accounts,dc=example,dc=com [ref 2]
> >someBooleanAttribute: TRUE
> >
> >dn:
> >cn=jparsons@example.com,ou=example.com,ou=example,ou=accounts,dc=exampl
> >e,dc=com [ref 1]
> >mail: jparsons@example.com
> >someBooleanAttribute: FALSE
> >
> >I have an email address ('jparsons@example.com'). I need to know the
> >value of someBooleanAttribute for the "most specific" match. That is,
> >in pseudocode:
>
> >Does Net::LDAP make available some way to handle this "inheritance" in
> >a single query? Or do I have to send off all three queries and stitch
> >together the results?
>
> LDAP does not have support for this kind of search. You will need todo
> a search to obtain [ref 1] then if it does not have the required
> attribute do a "one" search on the parent dn with a filter like
> (someBooleanAttribute=*). If that returns no results, search for the
> next parent and so-on.
>
> Graham.
%% Christopher A. Bongaarts %% cab@tc.umn.edu %%
%% Internet Services %% http://umn.edu/~cab %%
%% University of Minnesota %% +1 (612) 625-1809 %%
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic