[turba] Re: turba ldap driver

Ben Sommer Ben.Sommer at enc.edu
Fri Apr 22 06:33:07 PDT 2005 

Adam Tauno Williams wrote:

>>Also, my confusion about whether turba could be configured to work with 
>>this schema was compounded by the param 'dn', which is misnamed. It 
>>should be 'rdn', and its value should not be an array - since an RDN is 
>>by definition _one_ attribute.
>>    
>>
>
>You're wrong.  Multi-valued RDNs are legal, and not that uncommon, in LDAP.
>  
>
Technically, maybe you're right, though the RFCs are ambiguous, and key 
operations - such as "Modify DN" - which is implimented in ldap.php 
save() - explicitly refer to RDN as the "leftmost component". From RFC 
2251, "Modify DN":

newrdn: the RDN that will form the leftmost component of the new name of the entry.

As far as I can tell, multi-valued RDNs are pretty uncommon in the real 
world, limited mostly to hack-ish PKI implimentations. People on the 
openldap list certainly don't like them. But I don't want to get in a 
pissing contest about it. Just ignore my changes to sources.php 
reagarding multi-valued RDNs, as well as the code ldap.php that deals 
with them.

>Second, the capability to make the RDN attribute non-user defined should 
>be added to the driver and the config/sources.php examples. Reasoning is 
>the same here too - the RDN must be unique, and therefore 
>system-generated - just like an auto-incremented ID in an SQL database. 
>We kinda have the right idea in lib/Driver.php with '__uid', but this 
>should be configurable from within an LDAP turba data source. (The use 
>of the name 'uid' here was another confuser!)
>That's all. What do you think?
>  
>
>
>This sounds more like a job for the DSA than for the client;  otherwise only the
>Turba client can add objects and get your magic sequence.
>  
>
The magic sequence isn't required - only a unique value for the RDN. 
Some user-defined value could be used (like 'mail'). There are certain 
fields that are the purvue of the DSA (e.g. OpenLDAP, or Active 
Directory for non-LDAP geeks) - like timesamp attributes. But I've 
defined an objectclass for use in my addressbook entries, as well as 
other entries, that wants this "magic sequence". I don't need/want my 
clients (i.e. a turba) to know how to genereate that sequence. I just 
want flexibility to, say, pass a code ref to generate the sequence, or 
any other value I might like. Coming from Perl land, we do this all the 
time. That's mainly what I was getting at.

Best,

-- 
Ben Sommer
Senior Technology Officer
Eastern Nazarene College
23 East Elm Ave
Quincy, MA 02170
(617) 745-3817

More information about the turba mailing list