[Freeipa-devel] Adding GUID to the user
Richard Megginson
rmeggins at redhat.com
Fri Sep 28 16:21:29 UTC 2007
Simo Sorce wrote:
> On Fri, 2007-09-28 at 10:02 -0600, Richard Megginson wrote:
>
>> Simo Sorce wrote:
>>
>>> On Fri, 2007-09-28 at 09:10 -0600, Richard Megginson wrote:
>>>
>>>
>>>> Simo Sorce wrote:
>>>>
>>>>
>>>>> On Fri, 2007-09-28 at 08:33 -0600, Richard Megginson wrote:
>>>>>
>>>>>
>>>>>
>>>>>> Fedora DS generates the operational attribute nsUniqueID for each
>>>>>> entry. It is a GUID/UUID but it is formatted a little bit differently
>>>>>> e.g.
>>>>>> xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx
>>>>>> instead of the usual
>>>>>> xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
>>>>>>
>>>>>>
>>>>>>
>>>>> For interoperability reasons we really need a real GUID, is it possible
>>>>> to have that ?
>>>>>
>>>>>
>>>>>
>>>> By real do you mean formatted as 8-4-4-4-12 instead of 8-8-8-8? It is
>>>> possible, but it would require a lot of code changes. Another
>>>> possibility is that we could deprecate nsUniqueID and instead use the
>>>> LDAP entryUUID attribute.
>>>>
>>>>
>>> Is the format the only difference?
>>>
>>>
>> Yes.
>>
>>> Aren't there rules on how to build the GUID in term of what data to use
>>> etc ?
>>>
>>>
>> From the DS code:
>> /* uuid.h - interface to uuid layer. UUID is generated in accordance
>> with UUIDs and GUIDs IETF draft
>> */
>> typedef struct _guid_t
>> {
>> unsigned32 time_low;
>> unsigned16 time_mid;
>> unsigned16 time_hi_and_version;
>> unsigned8 clock_seq_hi_and_reserved;
>> unsigned8 clock_seq_low;
>> PRUint8 node[6];
>> } guid_t;
>>
>> I'm not sure why they chose (in 1999/2000) to format the string
>> representation as 8-8-8-8 instead of the 8-4-4-4-12 that the rest of the
>> world uses, but it is only the string representation that is different.
>>
>
> Then I guess that in the interim we may just copy and reformat the
> string into a new attribute at object creation?
> I guess it can even be just a post operation and the attribute may be
> taken off replication as we can guarantee it is completely equivalent to
> the UUID. Does it make sense?
>
Yes, that should be ok.
> Simo.
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20070928/e6df732e/attachment.bin>
More information about the Freeipa-devel
mailing list