I had 2 LDAP gurus review the attached section. Updates are indicated inline
of the section via KC->.
Everyone have a super holiday!
Keith
Received: from lists.underscore.com by vnet.IBM.COM (IBM VM SMTP V2R3) with TCP;
Thu, 21 Nov 96 12:03:53 EST
Received: from localhost (daemon@localhost) by lists.underscore.com (8.7.5/8.7.3) with SMTP id MAA25677; Thu, 21 Nov 1996 12:02:44 -
Received: by pwg.org (bulk_mailer v1.5); Thu, 21 Nov 1996 12:02:18 -0500
Received: (from daemon@localhost) by lists.underscore.com (8.7.5/8.7.3) id MAA25611 for ipp-outgoing; Thu, 21 Nov 1996 12:02:14 -050
From: kcarter@VNET.IBM.COM
Message-Id: <199611211702.MAA25603@lists.underscore.com>
Date: Thu, 21 Nov 96 09:57:10 CST
To: ipp@pwg.org
cc: mccarter@mail.utexas.edu
Subject: LDAP section of IPP spec
Sender: ipp-owner@pwg.org
IPP Team,
Here is the draft for how to register Printer objects using LDAP. I based this
on my reading of RFCs 1777, 1823, 1959 and 1960.
*** I will be at home so please send comments to the IPP mailing list and
*** cc mccarter@mail.utexas.edu so I receive the comments at home. Thanks.
4.3 Printer Object Directory Entry and Location
To allow directory users to locate an IPP printer, a corresponding Printer
object must be defined as a directory entry. The directory entry includes
the name of the entry and the attributes as defined in "4.2 Directory Entry
Schema". An example of how to define a directory entry for a Printer object
using LDAP is given to assist the reader's understanding of this specification.
To create a Printer object directory entry using LDAP:
1. An administrator uses a program to create an entry for the Printer object
on a directory server that supports LDAP. The administrator defines the
Distinguished Name (dn) and the default subjective attributes for the
Printer object directory entry.
KC-> In "4.2 Directory Entry Schema", we must specify which attributes
KC-> "must" be contained (i.e. mandatory) and which attributes "may"
KC-> be contained (i.e. conditional) in a Printer object directory entry.
KC-> "must" and "may" are LDAP terms.
*** ISSUE: Should the administrator also define default objective
attributes or wait for the Printer object to initialize these attributes?
KC-> This is our decision. LDAP doesn't favor one approach over the other.
2. The Printer object invokes the ldap_open API to open a connection to the
directory server.
Example: ld=ldap_open ("dir.host.name", LDAP_PORT)
where ld is the connection handle for subsequent LDAP APIs.
3. The Printer object invokes an ldap "bind" API to authenticate with the
directory server.
Example: ldap_simple_bind_s (ld, dn, NULL) which does a simple
authentication without a password.
4. The Printer object invokes the ldap_modify or ldap_modify_s API to
define the objective attributes for the Printer object entry as
identified by is Distinguished Name (dn).
Example: ldap_modify_s (ld, dn, mods) where mods is a NULL-terminated
array of objective attributes and values to add or modify in the directory
entry.
5. The Printer object invokes the ldap_unbind API to close the connection
to the directory server.
Example: ldap_unbind (ld)
When one or more objective attributes are modified for a Printer object, the
Printer object repeats steps 2-5 to update the modified objective attributes
in its directory entry.
To locate a Printer object entry using LDAP, a program can use the ldap_search
or ldap_search_s API or a user can specify an LDAP URL. For example, to
locate all Printer objects that support duplex, a user can specify URL:
ldap:///dir.host.name???(sides-supported=2-sided-long-binding-edge)
KC-> We need a printer object class (see answer to issue below). This
KC-> changes the search example to the following:
KC->
KC-> ldap:///dir.host.name???(&(objectClass=printer)
KC-> (sides-supported=2-sided-long-binding-edge))
ISSUE: Should one filter the search for an object class of Printer? Do we
need to define this object class? If so, how?
KC-> We need a printer object class. The printer class should be
KC-> subclass of the device class already defined in X.500.
KC->
KC-> printer OBJECT-CLASS ::= {
KC-> SUBCLASS OF {device}
KC-> MUST CONTAIN {list of mandatory attributes}
KC-> MAY CONTAIN {list of optional attributes}
KC->
KC-> I'll find out the process for defining a printer class upon my return
KC-> to the office on 12/2.
Please refer to the following RFCs for more information on LDAP:
RFC 1777 - Lightweight Directory Access Protocol
RFC 1823 - The LDAP Application Program Interface
RFC 1959 - An LDAP URL Format
RFC 1960 - A String Representation of LDAP Search Filters
Keith