philippe.eychart@informatique.gov.pf wrote:
michael@stroeder.com wrote:
Such an extension would be feasible. But still I'm not sure whether this distinction is needed. Although LDAP URL with empty hostport portion are used internally (e.g. in ACLs) this IMHO does not affect ldap_initialize(). Maybe I missed something. But before implementing a patch this should be clarified.
Do you suggest that an empty hostport (as ldap_initialize() arg) could mean that a SRV search is needed ? But this will reduce the search in the default domain name, won't it ? So, how to produce a search in another specific domain name when wished ? Where (in the URI) to appoint the root ("dc=my,dc=domain") or the explicit domain name ("my.domain") for the search domain ?...
Secondarily, how to specify the present meaning "this LDAP server" if we use this empty hostport syntaxe for SRV seach ? (A SRV search could respond when the user think to request his local LDAP server ...)
OpenLDAP clients do the following:
empty hostport, empty DN: localhost, default port
empty hostport, non-empty DN: SRV
what might be missing IMHO is:
use domain to specify SRV
however, I don't see any special need for it, as domain can always be put in DN form.
I don't know if there's need for a form that asks to use SRV to discover the server for the default SUFFIX.
In order to avoid issues, I recommend using something like
x-dnssrv={<domain>|<DN>}
where <DN> is restricted to the domain component sequence form.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ----------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Fax: +39 0382 476497 Email: ando@sys-net.it -----------------------------------
-
ando@sys-net.it