Full_Name: Jose Marco de la Rosa Version: 2.3.39 OS: Kubuntu 7.10 URL: ftp://ftp.openldap.org/incoming/Jose-Marco-de-la-Rosa-nestedAggregateAttr-080103.tgz Submission from: (NULL) (80.25.122.131)
Two overlays that implement dynamic group classes defined with URL attributes and allowing nesting.
- The first one is an extension of th overlay expandURL but allowing nesting
- The second one changes the way groups are constructed in a more powerful way
Examples of functioning follow for each version and are included in the overlays code archives (.c)
The tarball Jose-Marco-de-la-Rosa-nestedAggregateAttr-080103.tgz was uploaded to openldap's server and it includes a webpage with further detail in the implementation and configuration of the overlay.
Code files are appropriately linked in the web page mentioned (all is included in the tarball: there are no external references in the webpage).
Both search and compare operations were implemented
I hope you like it...
####################################################### First overlay: nestedAggregateAttrDN:
* SYNTAX: * * In slapd.conf : * overlay nestedAggregateAttrDN * nestedAggregateAttrDN <objectClass> <source-attribute> <destination-attribute> [[<maximum-depth>] <TTL>] * Where: * <objectClass> specifies the class that should expand. * <source-attribute> establishes the attribute that contains information * about other entries where to gather destination attribute values from. * <destination-attribute> establishes the attribute that should present all the gathered values. * <maximum-depth> establishes the maximum nesting depth level. If not specified, it defaults * to 0 which means no nesting is allowed (not even one level). * <TTL> establishes the maximum time allowed to serve the query. You should take into account that: * If different TTLs are set for the different configurations the minimum * will be used for all configurations. * The TTL affects ALL searches done when the overlay is active and not only * those related to the configured clases. * * * EXAMPLE: * * NOTE: you will probably need/want to define some attributes and classes in your schema * example.schema: * ------------------- * objectIdentifier YOUR_ENTERPRISE_Root 1.3.6.1.4.1.<somenumber> * objectIdentifier YOUR_ENTERPRISE_LDAP YOUR_ENTERPRISE_Root:3 * objectIdentifier YOUR_ENTERPRISE_LDAPattributeType YOUR_ENTERPRISE_LDAP:1 * objectIdentifier YOUR_ENTERPRISE_LDAPobjectClass YOUR_ENTERPRISE_LDAP:2 * * # Attribute type for new classes * * attributetype ( YOUR_ENTERPRISE_LDAPattributeType:1 * NAME 'subgroupDN' * DESC 'DN of a aggregable entry' * SUP distinguishedName ) * * # Classes for using overlay nestedAggregateAttrDN * * objectclass ( YOUR_ENTERPRISE_LDAPobjectClass:1 * NAME 'subgroupedDNGroup' * DESC 'Sample class for nestedAggregateAttrDN (experimental purpose)' * SUP top STRUCTURAL * MUST cn * MAY ( member $ subgroupDN $ cn $ ou $ o $ description ) ) * * * slapd.conf: * ------------------- * overlay nestedAggregateAttrDN * # Configure class: subgroupedDNGroup * # Source attribute: subgroupDN * # Aggregated attribute: member * # Max depth in nesting: 4 * # TTL: 5 sec * nestedAggregateAttrDN subgroupedDNGroup subgroupDN member 4 5 * * * ldif: * ------------------- * * # Static1 * dn: cn=Static1,dc=test * cn: Static1 * objectClass: groupOfNames * member: cn=person1,dc=test * member: cn=person2,dc=test * * # Static2 * dn: cn=Static2,dc=test * cn: Static2 * objectClass: groupOfNames * member: cn=person3,dc=test * member: cn=person4,dc=test * * # SubgroupedLevel1 * dn: cn=SubgroupedLevel1,dc=test * cn: SubgroupedLevel1 * objectClass: subgroupedDNGroup * subgroupDN: cn=Static1,dc=test * * # SubgroupedLevel2 * dn: cn=SubgroupedLevel2,dc=test * cn: SubgroupedLevel2 * objectClass: subgroupedDNGroup * subgroupDN: cn=SubgroupedLevel1,dc=test * subgroupDN: cn=Static2,dc=test * * * ------------------- * * ldapsearch -x -b "SubgroupedLevel2,dc=test" will return * * # SubgroupedLevel2 * dn: cn=SubgroupedLevel2,dc=test * cn: SubgroupedLevel2 * objectClass: subgroupedDNGroup * subgroupDN: cn=SubgroupedLevel1,dc=test * subgroupDN: cn=Static2,dc=test * member: cn=person1,dc=test * member: cn=person2,dc=test * member: cn=person3,dc=test * member: cn=person4,dc=test * * * IMPORTANT: this overlay conflicts with nestedAggregateAttrURL. * if both are active, some searches don't behave as expacted! * Specifically, if you turn both overlays on and search for * 'entries with member=<some member value>' won't work properly * for one of the overlays (the firstly activated one) */
####################################################### Second overlay: nestedAggregateAttrURL:
* SYNTAX: * * In slapd.conf : * overlay nestedAggregateAttrURL * nestedAggregateAttrURL <objectClass> <source-attribute> <destination-attribute> [[<maximum-depth>] <TTL>] * Where: * <objectClass> specifies the class that should expand. * <source-attribute> establishes the attribute that contains information * about other entries where to gather destination attribute values from. * <destination-attribute> establishes the attribute that should present all the gathered values. * <maximum-depth> establishes the maximum nesting depth level. If not specified, it defaults * to 0 which means no nesting is allowed (not even one level). * <TTL> establishes the maximum time allowed to serve the query. You should take into account that: * If different TTLs are set for the different configurations the minimum * will be used for all configurations. * The TTL affects ALL searches done when the overlay is active and not only * those related to the configured clases. * * * EXAMPLE: * * NOTE: you will probably need/want to define some attributes and classes in your schema. You can use * netscape's groupOfURLs, anyway... * example.schema: * ------------------- * objectIdentifier YOUR_ENTERPRISE_Root 1.3.6.1.4.1.<somenumber> * objectIdentifier YOUR_ENTERPRISE_LDAP YOUR_ENTERPRISE_Root:3 * objectIdentifier YOUR_ENTERPRISE_LDAPattributeType YOUR_ENTERPRISE_LDAP:1 * objectIdentifier YOUR_ENTERPRISE_LDAPobjectClass YOUR_ENTERPRISE_LDAP:2 * * # Attribute type for new classes * * attributetype ( YOUR_ENTERPRISE_LDAPattributeType:1 * NAME 'subgroupURL' * DESC 'URL to search for aggregable entries' * SUP labeledURI ) * * # Classes for using overlay nestedAggregateAttrURL * * objectclass ( YOUR_ENTERPRISE_LDAPobjectClass:1 * NAME 'subgroupedURLGroup' * DESC 'Sample class for nestedAggregateAttrURL (experimental purpose)' * SUP top STRUCTURAL * MUST cn * MAY ( member $ subgroupURL $ cn $ ou $ o $ description ) ) * * attributetype ( IAVANTE_LDAPattributeType:2 * NAME 'subgroupURL' * DESC 'Identifies an URL containing a search for names of subgroups.' * SUP labeledURI ) * * * slapd.conf: * ------------------- * overlay nestedAggregateAttrURL * # Configure class: subgroupedURLGroup * # Source attribute: memberURL * # Aggregated attribute: member * # Max depth in nesting: 4 * # TTL: 5 sec * nestedAggregateAttrURL subgroupedURLGroup subgroupURL member 4 5 * * * ldif: * ------------------- * * # Static1 * dn: cn=Static1,dc=test * cn: Static1 * objectClass: groupOfNames * member: cn=person1,dc=test * member: cn=person2,dc=test * * # Static2 * dn: cn=Static2,dc=test * cn: Static2 * objectClass: groupOfNames * member: cn=person3,dc=test * member: cn=person4,dc=test * * # SubgroupedLevel1 * dn: cn=SubgroupedLevel1,dc=test * cn: SubgroupedLevel1 * objectClass: subgroupedURLGroup * subgroupURL: ldap:///dc=test??one?(cn=Static*) * * # SubgroupedLevel2 * dn: cn=SubgroupedLevel2,dc=test * cn: SubgroupedLevel2 * objectClass: subgroupedURLGroup * subgroupURL: ldap:///cn=SubgroupedLevel1,dc=test * * * ------------------- * * ldapsearch -x -b "SubgroupedLevel2,dc=test" will return * * # SubgroupedLevel2 * dn: cn=SubgroupedLevel2,dc=test * cn: SubgroupedLevel2 * objectClass: subgroupedURLGroup * subgroupURL: ldap:///cn=SubgroupedLevel1,dc=test * member: cn=person1,dc=test * member: cn=person2,dc=test * member: cn=person3,dc=test * member: cn=person4,dc=test * * IMPORTANT: this overlay conflicts with nestedAggregateAttrDN. * if both are active, some searches don't behave as expacted! * Specifically, if you turn both overlays on and search for * 'entries with member=<some member value>' won't work properly * for one of the overlays (the firstly activated one) * */