Update on LDAP section of the IPP spec

Update on LDAP section of the IPP spec

Update on LDAP section of the IPP spec

kcarter at VNET.IBM.COM kcarter at VNET.IBM.COM
Fri Nov 22 14:13:45 EST 1996

IPP Team,

I had 2 LDAP gurus review the attached section.  Updates are indicated inline
of the section via KC->.

Everyone have a super holiday!


Received: from lists.underscore.com by vnet.IBM.COM (IBM VM SMTP V2R3) with TCP;
   Thu, 21 Nov 96 12:03:53 EST
Received: from localhost (daemon at localhost) by lists.underscore.com (8.7.5/8.7.3) with SMTP id MAA25677; Thu, 21 Nov 1996 12:02:44 -
Received: by pwg.org (bulk_mailer v1.5); Thu, 21 Nov 1996 12:02:18 -0500
Received: (from daemon at localhost) by lists.underscore.com (8.7.5/8.7.3) id MAA25611 for ipp-outgoing; Thu, 21 Nov 1996 12:02:14 -050
From: kcarter at VNET.IBM.COM
Message-Id: <199611211702.MAA25603 at lists.underscore.com>
Date: Thu, 21 Nov 96 09:57:10 CST
To: ipp at pwg.org
cc: mccarter at mail.utexas.edu
Subject: LDAP section of IPP spec
Sender: ipp-owner at pwg.org

IPP Team,

Here is the draft for how to register Printer objects using LDAP.  I based this
on my reading of RFCs 1777, 1823, 1959 and 1960.

*** I will be at home so please send comments to the IPP mailing list and
*** cc mccarter at mail.utexas.edu so I receive the comments at home.  Thanks.

4.3  Printer Object Directory Entry and Location

To allow directory users to locate an IPP printer, a corresponding Printer
object must be defined as a directory entry.  The directory entry includes
the name of the entry and the attributes as defined in "4.2 Directory Entry
Schema".  An example of how to define a directory entry for a Printer object
using LDAP is given to assist the reader's understanding of this specification.

To create a Printer object directory entry using LDAP:

1.  An administrator uses a program to create an entry for the Printer object
    on a directory server that supports LDAP.  The administrator defines the
    Distinguished Name (dn) and the default subjective attributes for the
    Printer object directory entry.

KC->  In "4.2 Directory Entry Schema", we must specify which attributes
KC->  "must" be contained (i.e. mandatory) and which attributes "may"
KC->  be contained (i.e. conditional) in a Printer object directory entry.
KC->  "must" and "may" are LDAP terms.

    *** ISSUE:  Should the administrator also define default objective
    attributes or wait for the Printer object to initialize these attributes?

KC->  This is our decision.  LDAP doesn't favor one approach over the other.

2.  The Printer object invokes the ldap_open API to open a connection to the
    directory server.

    Example:  ld=ldap_open ("dir.host.name", LDAP_PORT)
    where ld is the connection handle for subsequent LDAP APIs.

3.  The Printer object invokes an ldap "bind" API to authenticate with the
    directory server.

    Example:  ldap_simple_bind_s (ld, dn, NULL) which does a simple
    authentication without a password.

4.  The Printer object invokes the ldap_modify or ldap_modify_s API to
    define the objective attributes for the Printer object entry as
    identified by is Distinguished Name (dn).

    Example:  ldap_modify_s (ld, dn, mods) where mods is a NULL-terminated
    array of objective attributes and values to add or modify in the directory

5.  The Printer object invokes the ldap_unbind API to close the connection
    to the directory server.

    Example:  ldap_unbind (ld)

When one or more objective attributes are modified for a Printer object, the
Printer object repeats steps 2-5 to update the modified objective attributes
in its directory entry.

To locate a Printer object entry using LDAP, a program can use the ldap_search
or ldap_search_s API or a user can specify an LDAP URL.  For example, to
locate all Printer objects that support duplex, a user can specify URL:


KC-> We need a printer object class (see answer to issue below).  This
KC-> changes the search example to the following:
KC->   ldap:///dir.host.name???(&(objectClass=printer)
KC->          (sides-supported=2-sided-long-binding-edge))

ISSUE:  Should one filter the search for an object class of Printer?  Do we
need to define this object class?  If so, how?

KC->  We need a printer object class.  The printer class should be
KC->  subclass of the device class already defined in X.500.
KC->  printer  OBJECT-CLASS  ::= {
KC->    SUBCLASS OF    {device}
KC->    MUST CONTAIN   {list of mandatory attributes}
KC->    MAY CONTAIN    {list of optional attributes}
KC->  I'll find out the process for defining a printer class upon my return
KC->  to the office on 12/2.

Please refer to the following RFCs for more information on LDAP:

RFC 1777 - Lightweight Directory Access Protocol
RFC 1823 - The LDAP Application Program Interface
RFC 1959 - An LDAP URL Format
RFC 1960 - A String Representation of LDAP Search Filters


More information about the Ipp mailing list