[Freeipa-devel] Adding GUID to the user

Richard Megginson rmeggins at redhat.com
Fri Sep 28 16:21:29 UTC 2007 

Simo Sorce wrote:
> On Fri, 2007-09-28 at 10:02 -0600, Richard Megginson wrote:
>   
>> Simo Sorce wrote:
>>     
>>> On Fri, 2007-09-28 at 09:10 -0600, Richard Megginson wrote:
>>>   
>>>       
>>>> Simo Sorce wrote:
>>>>     
>>>>         
>>>>> On Fri, 2007-09-28 at 08:33 -0600, Richard Megginson wrote:
>>>>>   
>>>>>       
>>>>>           
>>>>>> Fedora DS generates the operational attribute nsUniqueID for each 
>>>>>> entry.  It is a GUID/UUID but it is formatted a little bit differently
>>>>>> e.g.
>>>>>> xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx
>>>>>> instead of the usual
>>>>>> xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx 
>>>>>>     
>>>>>>         
>>>>>>             
>>>>> For interoperability reasons we really need a real GUID, is it possible
>>>>> to have that ?
>>>>>   
>>>>>       
>>>>>           
>>>> By real do you mean formatted as 8-4-4-4-12 instead of 8-8-8-8?  It is 
>>>> possible, but it would require a lot of code changes.  Another 
>>>> possibility is that we could deprecate nsUniqueID and instead use the 
>>>> LDAP entryUUID attribute.
>>>>     
>>>>         
>>> Is the format the only difference?
>>>   
>>>       
>> Yes.
>>     
>>> Aren't there rules on how to build the GUID in term of what data to use
>>> etc ?
>>>   
>>>       
>>  From the DS code:
>> /* uuid.h - interface  to uuid layer. UUID is generated in accordance
>>             with UUIDs and GUIDs IETF draft
>>  */
>> typedef struct _guid_t
>> {
>>     unsigned32 time_low;
>>     unsigned16 time_mid;
>>     unsigned16 time_hi_and_version;
>>     unsigned8  clock_seq_hi_and_reserved;
>>     unsigned8  clock_seq_low;
>>     PRUint8    node[6];
>> } guid_t;
>>
>> I'm not sure why they chose (in 1999/2000) to format the string 
>> representation as 8-8-8-8 instead of the 8-4-4-4-12 that the rest of the 
>> world uses, but it is only the string representation that is different.
>>     
>
> Then I guess that in the interim we may just copy and reformat the
> string into a new attribute at object creation?
> I guess it can even be just a post operation and the attribute may be
> taken off replication as we can guarantee it is completely equivalent to
> the UUID. Does it make sense?
>   
Yes, that should be ok.
> Simo.
>
>   

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20070928/e6df732e/attachment.bin>

More information about the Freeipa-devel mailing list