Howard Chu wrote:
Quanah Gibson-Mount wrote:
entryUUID is defined in RFC4530, as an internal LDAP attribute. Personally, if you need a UUID for tracking, I would create your own specific to your application/needs. For example, when I was at Stanford, we used suRegID (stanford university registry ID) and when I was at zimbra, we used zimbraID (zimbra identifier). There have been format changes in the past that required wiping out some of the generated attributes when going between releases.
This is bad advice. If you actually want a UUID then use entryUUID. As noted, it is defined in RFC4530 which means it isn't going to change. The format of UUIDs is well-established in internet standards.
This very much depends on which data source is supposed to be the authorative source of new objects and how the whole object life-cycle looks like.
If the LDAP entry is persistent and it is *the* main authorative source of an object the LDAP entry's 'entryUUID' attribute may serve as a good unique ID.
But note the strong if-clause in the sentence above. If you e.g. merge various data sources you might have to generate UUIDs in a separate process *before* the object even reaches your LDAP server. BTDT.
Ciao, Michael.