1 / 7

Some experiences on LDAP deployment in the RedIRIS network

Some experiences on LDAP deployment in the RedIRIS network. TF-LSD February 2, 2001. Amsterdam. Evolution of the Spanish Academic Directory. From X.500 to LDAP From X.521 to dc-based Current o=Universidad XX,c=es Intended dc=uxx,dc=es Simpler location of electronic entities

Download Presentation

Some experiences on LDAP deployment in the RedIRIS network

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Some experiences on LDAP deployment in the RedIRIS network TF-LSD February 2, 2001. Amsterdam

  2. Evolution of the Spanish Academic Directory • From X.500 to LDAP • From X.521 to dc-based • Current o=Universidad XX,c=es • Intended dc=uxx,dc=es • Simpler location of electronic entities • Domain-based naming is used by all other services • Ease of use (user@dom.ain, server.dom.ain) • Easier integration with the SRV RR in DNS • Problems • White-pages applications • It is usual to reflect organization structures into the DIT • Searches are often performed on DN components. Those attributes are not included in the entry itself • Legacy (what about certificates?)

  3. From X.521 to dc naming • Legacy • Temporary maintenance of both structures • Up to what existing applications require • White pages • CIP-based index server (LIMS) • Minimum common set of attributes (iris-* classes?) • At the national level (dc=es/c=es), a server containing referrals to organizational servers • At the organizational level, recommendations for building interfaces based on the iris-* attributes

  4. Migration Task Force • RedIRIS + 3 universities + 1 regional government • 6 LDAP servers • 40,000 entries • Definition of a iris-* skeleton • Define required (indexable) attributes for: • Organizations • Groups • Services • Persons • Attributes for metadata are specially relevant • Tests on the new structure • Migration guide

  5. referral dc=xx Test structure OpenLDAP dc=es OpenLDAP dc=rediris, dc=es dc=rediris OpenLDAP dc=um, dc=es dc=um OpenLDAP dc=dif, dc=um, dc=es dc=dif dc=unirioja c=es Netscape Directory Server o=rediris o=universidad de la rioja, c=es o=universidad de la rioja IPlanet o=GVA, c=es o=GVA

  6. Experimental index server

  7. Tests with the index server • Using the LDIF files provided by the participating organizations • Experiments are quite promising • Issues detected up to now • Different formats for coding national characters in LDIF files => problems when searching them • Mismatch between the speficied filter and the one used internally by the index server • Assume we use the filter cn=javi • The index server returns referrals for the filter cn=*javi* • Not all referred servers contains entries matching cn=javi, so they return “not found” when receiving the search

More Related