[Freeipa-devel] Adding GUID to the user
Richard Megginson
rmeggins at redhat.com
Fri Sep 28 14:48:47 UTC 2007
Rob Crittenden wrote:
> Richard Megginson wrote:
>> Karl MacMillan wrote:
>>> On Fri, 2007-09-28 at 03:30 -0400, Simo Sorce wrote:
>>>
>>>> It seem that many LDAP servers today provide GUIDs for their objects.
>>>> In particular while talking to OpenDirectory developers it came out
>>>> that
>>>> a GUID would make things easier for an hypotetical MacOSX Client, also
>>>> it may make things a bit easier for a samba4 front-end using data on
>>>> freeIPA.
>>>>
>>>> I'd like to add GUIDs to all our entries, is there any reason why we
>>>> shouldn't ?
>>>> Not sure yet how much work that will be, and if it is too much we can
>>>> delay it by a few months eventually.
>>>>
>>>> Comments?
>>>>
>>>>
>>>
>>> I think we should definitely do this as it is also needed by anyone
>>> that
>>> wants to store information about our objects in a separate datastore
>>> (like an sql database). Without a guaranteed stable identifier to
>>> use as
>>> a primary key it would not be safe to store, say, additional
>>> information
>>> about users in a separate data store.
>>>
>>> It would be nice if this could be done in v1 timeframe - any thoughts
>>> about how hard this is?
>>>
>> Fedora DS generates the operational attribute nsUniqueID for each
>> entry. It is a GUID/UUID but it is formatted a little bit
>> differently e.g.
>> xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx
>> instead of the usual
>> xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
>
> How does that work in MMR? Is it possible to get duplicates?
Nope. The algorithm for UUID generation prohibits duplicates.
>
> rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20070928/9361f5f1/attachment.bin>
More information about the Freeipa-devel
mailing list