Re: RFC 4530 -- entryUUID attribute

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thanks William -- very much appreciated!

We are reviewing options and will post back here.

________________________________________
From: William Brown [wibrown@xxxxxxxxxx]
Sent: Wednesday, October 05, 2016 16:03
To: General discussion list for the 389 Directory server project.
Subject: [389-users] Re: RFC 4530 -- entryUUID attribute

On Wed, 2016-10-05 at 17:03 +0000, Mailvaganam, Hari wrote:
> W.r.t a vSphere implementation that has a requirement for entryUUID -- has it, or plans to, support in 389-DS -- https://fedorahosted.org/389/ticket/137?
>

Hi,

I've just commented on the ticket, but there is a better explination.

We already have a UUID type on all objects in directory server,
specifically nsUniqueId. It looks like:

nsuniqueid: 0344fb02-703811e5-a62bf7bf-2add969e

Looking at the rfc, we can see:

https://www.ietf.org/rfc/rfc4530.txt

entryUUID: 597ae2f6-16a6-1027-98f4-d28b5365dc14

So if we compare these:

0344fb02-703811e5-a62bf7bf-2add969e
597ae2f6-16a6-1027-98f4-d28b5365dc14

Not quite the same. Turns out that nsuniqueId is displayed in 4 groups
of 8 characters, where as entryUUID is
https://www.ietf.org/rfc/rfc4122.txt displayed.

We could actually write a plugin, that when you request entryUUID, it
actually reads the nsUniqueId and formats it correctly:

before: 0344fb02-703811e5-a62bf7bf-2add969e
after : 0344fb02-7038-11e5-a62b-f7bf2add969e


There would still be some other discussions to be had, but the answer is
"We kind of support it, but not quite".

Sadly, for a feature like this, it won't happen "overnight" for 1.3.5,
and I can't guarantee when it would be ready.

You may be able to "cheat" and in the syntax do something like:

01core389.ldif:

Change line 41 from:

attributeTypes: ( 2.16.840.1.113730.3.1.542 NAME 'nsUniqueId' DESC
'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE NO-USER-MODIFICATION USAGE directoryOperation X-ORIGIN
'Netscape Directory Server' )

TO:

attributeTypes: ( 2.16.840.1.113730.3.1.542 NAME ('nsUniqueId'
'entryUUID') DESC 'Netscape defined attribute type' SYNTAX
1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE NO-USER-MODIFICATION USAGE
directoryOperation X-ORIGIN 'Netscape Directory Server' )


ldapsearch -LLL -x -s base -b 'dc=example,dc=com' entryUUID
dn: dc=example,dc=com
entryUUID: 55d3cd25-8b4f11e6-b30bf972-f1241077


The quirk here is that you have to REQUEST entryUUID in the search, else
it will still return as nsUniqueID:

ldapsearch -LLL -x -s base -b 'dc=example,dc=com' +
dn: dc=example,dc=com
nsUniqueId: 55d3cd25-8b4f11e6-b30bf972-f1241077


So if you could post the access log search query that vmware is
attempting, we can let you know if this work around will work or not.

--
Sincerely,

William Brown
Software Engineer
Red Hat, Brisbane
_______________________________________________
389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux