[Engine-devel] namingcontexts getting ignored.

Yair Zaslavsky yzaslavs at redhat.com
Sun Apr 29 08:23:48 UTC 2012 

On 04/29/2012 11:08 AM, Oved Ourfalli wrote:
> 
> 
> ----- Original Message -----
>> From: "Yair Zaslavsky" <yzaslavs at redhat.com>
>> To: engine-devel at ovirt.org
>> Sent: Sunday, April 29, 2012 11:02:00 AM
>> Subject: Re: [Engine-devel] namingcontexts getting ignored.
>>
>> On 04/29/2012 09:49 AM, Oved Ourfalli wrote:
>>> Hey,
>>>
>>> In case the namingContexts field contains more than one naming
>>> context, we have no way of knowing which one is the required one.
>>> We take the first one. In active directory, for example (and as far
>>> as I understand in the newest free-ipa) you have a
>>> defaultNamingContext field, and if so we take it, and it contains
>>> only one naming context.
>>>
>>> As you see in the code below, we have a "special" treatment for
>>> RHDS, as it always contains "o=netscaperoot" in the namingContexts
>>> field (not necessary at the beginning of the list), so we filter
>>> it out.
>>>
>>> It was enough for now, but I agree that if adding new LDAP
>>> providers, which usually have a more complex and unpredictable
>>> data in the namingContext field, then we would probably need to
>>> ask the user to specify the naming context for us, and if he
>>> didn't specify it then assume it is identical to the domain name.
>>>
>>> Oved
>>
>> Another idea -
>> Now that we provide the provider type in manage domains, maybe we
>> should
>> add a logic for getting naming contexts based on the provider type.
>> Thoughts on this?
>>
>>
> That's pretty much what we do (although it is all in one method, so it should be extracted to an interface). But, it is assuming one can predict what will be in this field.
> In IPA we now have the defaultNamingContext, so we can use it (like we do in AD). In RHDS we know what it contains, so we can deduce the naming context. Not sure about IBM- directory services. So, we might need to provide a configuration entry for that as well (same as we do with the provider type).
What I mean - pass the providerType all the way from the ManageDomins
class to RootDSEData (need to check if this possible).
Then, based on the providerType , handle the naming contexts.
I'm sure Sharad can shed a light on what should be handled for Tivoli DS.
Btw, I'm not saying that providing a config entry is not a good idea,
what I'm saying is that we can use the provider type to provider better
handling (making namingContext an optional parameter, and in case not
provider, use logic based on provider type).


> 
> 
> 
>>>
>>> ----- Original Message -----
>>>> From: "Sharad Mishra" <snmishra at linux.vnet.ibm.com>
>>>> To: engine-devel at ovirt.org
>>>> Sent: Saturday, April 28, 2012 2:51:25 AM
>>>> Subject: [Engine-devel] namingcontexts getting ignored.
>>>>
>>>>
>>>> Hi,
>>>>
>>>>     I enter "getDefaultNamingContextFromNamingContexts()" with
>>>> namingContexts set to -
>>>>
>>>> namingcontexts: CN=SCHEMA, CN=LOCALHOST, CN=IBMPOLICIES,
>>>> O=IBM.COM,
>>>> O=DELETED.IBM.COM
>>>>
>>>>     But this method only takes the first case "CN=SCHEMA" and
>>>>     ignores
>>>> the rest. Actually I am interested in "O=IBM.COM".
>>>>     Is this working as designed or needs improvement?
>>>>
>>>> -Sharad Mishra
>>>> IBM
>>>>
>>>> public class RootDSEData {
>>>>      private String domainDN = null;
>>>>      private LdapProviderType ldapProviderType = null;
>>>>      private final static String RHDS_NAMING_CONTEXT =
>>>>      "o=netscaperoot";
>>>>
>>>>      public static String
>>>> getDefaultNamingContextFromNamingContexts(Attribute
>>>> namingContexts) {
>>>>          for (int index = 0; index < namingContexts.size();
>>>>          ++index)
>>>>          {
>>>>              String namingContext;
>>>>              try {
>>>>                  namingContext = (String)
>>>>                  namingContexts.get(index);
>>>>              } catch (NamingException e) {
>>>>                  return null;
>>>>              }
>>>>              if
>>>>              (!RHDS_NAMING_CONTEXT.equalsIgnoreCase(namingContext))
>>>>              {
>>>>                  return namingContext;
>>>>              }
>>>>          }
>>>>          return null;
>>>>      }
>>>>
>>>> _______________________________________________
>>>> Engine-devel mailing list
>>>> Engine-devel at ovirt.org
>>>> http://lists.ovirt.org/mailman/listinfo/engine-devel
>>>>
>>> _______________________________________________
>>> Engine-devel mailing list
>>> Engine-devel at ovirt.org
>>> http://lists.ovirt.org/mailman/listinfo/engine-devel
>>
>> _______________________________________________
>> Engine-devel mailing list
>> Engine-devel at ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/engine-devel
>>

More information about the Engine-devel mailing list