[Fedora-directory-devel] Support for bitwise operations?
Richard Megginson
rmeggins at redhat.com
Tue Mar 13 14:03:48 UTC 2007
Andrew Bartlett wrote:
> On Mon, 2007-03-12 at 13:36 -0700, Pete Rowley wrote:
>
>> Andrew Bartlett wrote:
>>
>>> It seems to me that Fedora DS does not support Microsoft's extended
>>> match bitwise operations.
>>>
>>> I chatted with Pete about it on IRC, but thought to document it here for
>>> discussion. While it would be technically possible for me to filter
>>> these on the client side, it becomes silly fast. I need the LDAP
>>> backend side to handle these.
>>>
>>> This is the kind of search Fedora DS needs to accept, for Samba4 to use
>>> it as a backend:
>>> (|(&(!(groupType:1.2.840.113556.1.4.803:=1))(groupType:1.2.840.113556.1.4.803:=2147483648)(groupType:1.2.840.113556.1.4.804:=10))
>>>
>>>
>>>
>> Basic question: why are you storing bit fields in the first place? Why
>> not store the information in a more readily accessible fashion, both to
>> your code, and the administrator of the system? As you noted, the
>> bitwise extensible matches are Microsoft extensions and they have not
>> been specified in any RFC or IETF draft document AFAIK. Consequently
>> you should not expect the functionality to be generally available in
>> LDAP directory servers.
>>
>
> Looking over this, it seems possible to write this as a slapi plugin,
> which I can then host (no doubt with other random hacks/patches/etc to
> make this thing happen) in Samba's lorikeet repository.
>
> I've looked around, and I can't find a free skeleton slapi module to
> work/hack from, aside from this one:
> http://docs.sun.com/source/817-7617/matching.html (which I won't use,
> because the copyright status is unclear to me).
>
> Is there an example matching rule plugin (that I can use in Fedora DS)
> out there?
>
Not that I know of. Of course, the collation plugin is an "example" of
a matching rule plugin -
http://cvs.fedora.redhat.com/viewcvs/ldapserver/ldap/servers/plugins/collation/?root=dirsec
> Andrew Bartlett
>
>
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-devel mailing list
> Fedora-directory-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-devel
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-devel/attachments/20070313/5effd982/attachment.bin>
More information about the Fedora-directory-devel
mailing list