Novell and MIT moving forward on LDAP Plugin

[Savitha R]

>>> On Tue, Jul 25, 2006 at  2:40 AM, in message
<20060724211051.GA28516 at sun.com>,
Will Fiveash <William.Fiveash at sun.com> wrote: 
> On Tue, Jul 18, 2006 at 05:23:41AM - 0600, Savitha R wrote:
>> Hi,
>> 
>> Following is the list of issues that Novell will be working on
>> 
>> 1. Schema changes. 
>>
>> 2. Support for ldapi:// 
>> The LDAP server needs to be specified as LDAP URI in krb5.conf
>> (ldap_server tag) 
> 
> Does this work include support for more flexible LDAP bind
specification
> via the URI and a way to specify the SASL security mech. to use?
> 
What we are looking at initially is to specify the LDAP server via 
an LDAP URI. E.g.
 "ldap[s]://[servername[:port]]"
 or in case of LDAP over IPC :
 "ldapi:///<path to the unix domain socket>/"
We will be considering the support for SASL mechanisms later

>> 3. The code for princtype differentiation based on objectclass will
be
>> removed
>> 
>> 4. Single principal on the LDAP object  with  subsequent
>>  principal objects linked to the LDAP object.
>>
>> 5. Principal to LDAP object mapping based on some rules 
>> without mandating - x userdn option.
>>
>> 6. Replace the LDAP APIs which are deprecated in OpenLDAP 2.3
>> 
>> We will be posting more information on 1, 4 and 5 separately.
> 
> Any idea when you plan on posting this information? 
Information on 4 and 5 will be posted today or tomorrow. 
The schema changes will be posted by the end of this week.

> I was speaking with
> Sam recently on how we can move forward and Sun would like to
contribute
> fixes/enhancements to the Novell LDAP plugin code but we do not want
to
> duplicate effort or work at cross purposes.
> 
> BTW, did you see the list of Sun LDAP plugin requirements?  Any
comments
> on that (if you do have some it would be better to respond on that
other
> e- mail thread)?
We have seen the list of requirements. We will respond with our
comments.


Regards
Savitha