[imp] LDAP poll

[John Morrissey]

On Thu, Oct 19, 2000 at 09:31:31AM -0500, Dave Caplinger wrote:
% John Morrissey wrote:
% > Also (correct me if I'm wrong), if you generate a DN in the code without
% > first performing a search, you're assuming that all users are directly under
% > a particular root DN; I would imagine that some organizations break users
% > off into different subtrees for logical and/or organizational purposes. For
% > example: uid=user1,ou=Engineering,o=BigCorp,c=US and
% > uid=user2,ou=Marketing,o=BigCorp,c=US. user1 and user2 are still in the same
% > namespace, but for whatever reason, they're split into two separate OUs.
% 
% I'll chip in agreement to the first point (i.e. you can't guarantee that
% "uid=whatever" is how entries are identified), but as for the second one,
% isn't this solved by specifying the more general search base DN (in your
% example, use "o=BigCorp,c=US" rather than limiting it to "ou=Engineering"
% or some other OU subtree?

Remember that we're talking about generating a DN from scratch here; Jon's
proposing to generate DNs from the username and a root DN. For example, if
user foo is logged into IMP and the root DN is set (via IMP preferences?) to
o=bar,c=US, then the generated DN would be uid=foo,o=bar,c=US. However, if
user foo is really uid=foo,ou=engineering,o=bar,c=US, then IMP won't be
generating the right DN for that user. In that case, you'd have to search
under o=bar,c=US for "(uid=foo)" and retrieve the DN for that entry from the
search results.

john
-- 
John Morrissey      _o            /\         ----  __o
RPA Internet     _-< \_          /  \       ----  <  \,
jwm@rpa.net   __(_)/_(_)________/    \_______(_) /_(_)__