DC/X521 gateway What it does With each qeury it tries to find out the responsible ldap server and...
-
Upload
tracy-daniel -
Category
Documents
-
view
214 -
download
0
Transcript of DC/X521 gateway What it does With each qeury it tries to find out the responsible ldap server and...
![Page 1: DC/X521 gateway What it does With each qeury it tries to find out the responsible ldap server and returns a referral for that server.](https://reader035.fdocuments.net/reader035/viewer/2022071709/56649f3e5503460f94c5ee88/html5/thumbnails/1.jpg)
DC/X521 gatewayWhat it does
With each qeury it tries to find out the responsible ldap server and returns a referral for that server.
![Page 2: DC/X521 gateway What it does With each qeury it tries to find out the responsible ldap server and returns a referral for that server.](https://reader035.fdocuments.net/reader035/viewer/2022071709/56649f3e5503460f94c5ee88/html5/thumbnails/2.jpg)
DC/X521 gatewayHow?
Translates the DN to a DC-DN and a X521-DN. Queries default server.
DNS-query for the SRV record. Returns referral.
Implemented by adapting DNS back-end code of OpenLdap v. 2.0.7
![Page 3: DC/X521 gateway What it does With each qeury it tries to find out the responsible ldap server and returns a referral for that server.](https://reader035.fdocuments.net/reader035/viewer/2022071709/56649f3e5503460f94c5ee88/html5/thumbnails/3.jpg)
DC/X521 gateway
![Page 4: DC/X521 gateway What it does With each qeury it tries to find out the responsible ldap server and returns a referral for that server.](https://reader035.fdocuments.net/reader035/viewer/2022071709/56649f3e5503460f94c5ee88/html5/thumbnails/4.jpg)
DC/X521 gatewaymore heuristic approaches
Adapt the domain part of the DC_DN and put ldap. in front of it and try this LDAP-host.
Go up one or more domain parts and do a SRV-record look-up and/or put ldap. in front of it.
![Page 5: DC/X521 gateway What it does With each qeury it tries to find out the responsible ldap server and returns a referral for that server.](https://reader035.fdocuments.net/reader035/viewer/2022071709/56649f3e5503460f94c5ee88/html5/thumbnails/5.jpg)
DC/X521 gatewayproblems
Which parts of the DN must/can be translated? LDAP search takes time. At this moment all searches are done as
anonymous. No SASL, KERBEROS etc.
![Page 6: DC/X521 gateway What it does With each qeury it tries to find out the responsible ldap server and returns a referral for that server.](https://reader035.fdocuments.net/reader035/viewer/2022071709/56649f3e5503460f94c5ee88/html5/thumbnails/6.jpg)
DC/X521 gatewayto do
Implement heuristic approaches Optimise
By changing sequence of searches By implementing time-outs in ldap searches
etc.