Versions Compared

Old Version 2

changes.mady.by.user Christine Koppelt

Saved on

compared with

New Version Current

changes.mady.by.user Pierre-Arnaud Marcelot

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3
Warning
titleWarning

This page needs to be overworked

Introduction

Collective attributes are attributes whose values are shared across a collection of entries. It's very common to encounter situations where a bunch of entries have the same value for an attribute. Collective attributes for LDAP are defined in RFC 3671. ApacheDS implements this RFC.

...

For the use case above we can presume a partition at the namingContext 'dc=example,dc=com' with an 'ou=engineering' entry below containing users from the engineering team in Sunnyvale. Let's presume no AA has yet been defined so we have to create one. We'll set the partition root 'dc=example,dc=com' as the AP of an AA that spans the entire subtree. For this simple example the AA will be autonomous for the collective aspect. Setting this up is just a matter of modifying the 'dc=example,dc=com' entry so it contains the operational attribute administrativeRole with the value collectiveAttributeSpecificArea. The code below sets up this AAA for collective attribute administration.

No Format
  // Get a DirContext on the dc=example,dc=com entry
  Hashtable env = new Hashtable();
  env.put( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory" );
  env.put( "java.naming.provider.url", "ldap://localhost:" + port + "/dc=example,dc=com" );
  env.put( "java.naming.security.principal", "uid=admin,ou=system" );
  env.put( "java.naming.security.credentials", "secret" );
  env.put( "java.naming.security.authentication", "simple" );
  ctx = new InitialDirContext( env );

  // Modify the entry to make it an AAA for collective attribute administration
  Attributes mods = new BasicAttributes( "administrativeRole", "collectiveAttributeSpecificArea", true );
  ctx.modifyAttributes( "", DirContext.ADD_ATTRIBUTE, mods );

...

No Format
dn: cn=engineeringLocale,dc=example,dc=com
objectClass: top
objectClass: subentry
objectClass: collectiveAttributeSubentry
cn: engineeringLocale
c-l: Sunnyvale
subtreeSpecification: {base "ou=engineering", minimum 4}

The following picture present the structure of our tree :
Image Added
A couple points regarding this subentry's LDIF:

...

No Format
3.1. Collective Locality Name

   The c-l attribute type specifies a locality name for a collection of
   entries.

      ( 2.5.4.7.1 NAME 'c-l'
        SUP l COLLECTIVE )

3.2. Collective State or Province Name

   The c-st attribute type specifies a state or province name for a
   collection of entries.

      ( 2.5.4.8.1 NAME 'c-st'
        SUP st COLLECTIVE )

3.3. Collective Street Address

   The c-street attribute type specifies a street address for a
   collection of entries.

      ( 2.5.4.9.1 NAME 'c-street'
        SUP street COLLECTIVE )

3.4. Collective Organization Name

   The c-o attribute type specifies an organization name for a
   collection of entries.

      ( 2.5.4.10.1 NAME 'c-o'
        SUP o COLLECTIVE )

3.5. Collective Organizational Unit Name

   The c-ou attribute type specifies an organizational unit name for a
   collection of entries.

      ( 2.5.4.11.1 NAME 'c-ou'
        SUP ou COLLECTIVE )

3.6. Collective Postal Address

   The c-PostalAddress attribute type specifies a postal address for a
   collection of entries.

      ( 2.5.4.16.1 NAME 'c-PostalAddress'
        SUP postalAddress COLLECTIVE )

3.7. Collective Postal Code

   The c-PostalCode attribute type specifies a postal code for a
   collection of entries.

      ( 2.5.4.17.1 NAME 'c-PostalCode'
        SUP postalCode COLLECTIVE )

3.8. Collective Post Office Box

   The c-PostOfficeBox attribute type specifies a post office box for a
   collection of entries.

      ( 2.5.4.18.1 NAME 'c-PostOfficeBox'
        SUP postOfficeBox COLLECTIVE )

3.9. Collective Physical Delivery Office Name

   The c-PhysicalDeliveryOfficeName attribute type specifies a physical
   delivery office name for a collection of entries.

      ( 2.5.4.19.1 NAME 'c-PhysicalDeliveryOfficeName'
        SUP physicalDeliveryOfficeName COLLECTIVE )

3.10. Collective Telephone Number

   The c-TelephoneNumber attribute type specifies a telephone number for
   a collection of entries.

      ( 2.5.4.20.1 NAME 'c-TelephoneNumber'
        SUP telephoneNumber COLLECTIVE )

3.11. Collective Telex Number

   The c-TelexNumber attribute type specifies a telex number for a
   collection of entries.

      ( 2.5.4.21.1 NAME 'c-TelexNumber'
        SUP telexNumber COLLECTIVE )

3.13. Collective Facsimile Telephone Number

   The c-FacsimileTelephoneNumber attribute type specifies a facsimile
   telephone number for a collection of entries.

      ( 2.5.4.23.1 NAME 'c-FacsimileTelephoneNumber'

   SUP facsimileTelephoneNumber COLLECTIVE )

3.14. Collective International ISDN Number

   The c-InternationalISDNNumber attribute type specifies an
   international ISDN number for a collection of entries.

      ( 2.5.4.25.1 NAME 'c-InternationalISDNNumber'
        SUP internationalISDNNumber COLLECTIVE )