Update on LDAP section of the IPP spec

Update on LDAP section of the IPP spec

kcarter at VNET.IBM.COM kcarter at VNET.IBM.COM
Fri Nov 22 14:13:45 EST 1996


IPP Team,


I had 2 LDAP gurus review the attached section.  Updates are indicated inline
of the section via KC->.


Everyone have a super holiday!


Keith


Received: from lists.underscore.com by vnet.IBM.COM (IBM VM SMTP V2R3) with TCP;
   Thu, 21 Nov 96 12:03:53 EST
Received: from localhost (daemon at localhost) by lists.underscore.com (8.7.5/8.7.3) with SMTP id MAA25677; Thu, 21 Nov 1996 12:02:44 -
Received: by pwg.org (bulk_mailer v1.5); Thu, 21 Nov 1996 12:02:18 -0500
Received: (from daemon at localhost) by lists.underscore.com (8.7.5/8.7.3) id MAA25611 for ipp-outgoing; Thu, 21 Nov 1996 12:02:14 -050
From: kcarter at VNET.IBM.COM
Message-Id: <199611211702.MAA25603 at lists.underscore.com>
Date: Thu, 21 Nov 96 09:57:10 CST
To: ipp at pwg.org
cc: mccarter at mail.utexas.edu
Subject: LDAP section of IPP spec
Sender: ipp-owner at pwg.org


IPP Team,


Here is the draft for how to register Printer objects using LDAP.  I based this
on my reading of RFCs 1777, 1823, 1959 and 1960.


*** I will be at home so please send comments to the IPP mailing list and
*** cc mccarter at mail.utexas.edu so I receive the comments at home.  Thanks.


4.3  Printer Object Directory Entry and Location


To allow directory users to locate an IPP printer, a corresponding Printer
object must be defined as a directory entry.  The directory entry includes
the name of the entry and the attributes as defined in "4.2 Directory Entry
Schema".  An example of how to define a directory entry for a Printer object
using LDAP is given to assist the reader's understanding of this specification.


To create a Printer object directory entry using LDAP:


1.  An administrator uses a program to create an entry for the Printer object
    on a directory server that supports LDAP.  The administrator defines the
    Distinguished Name (dn) and the default subjective attributes for the
    Printer object directory entry.


KC->  In "4.2 Directory Entry Schema", we must specify which attributes
KC->  "must" be contained (i.e. mandatory) and which attributes "may"
KC->  be contained (i.e. conditional) in a Printer object directory entry.
KC->  "must" and "may" are LDAP terms.


    *** ISSUE:  Should the administrator also define default objective
    attributes or wait for the Printer object to initialize these attributes?


KC->  This is our decision.  LDAP doesn't favor one approach over the other.


2.  The Printer object invokes the ldap_open API to open a connection to the
    directory server.


    Example:  ld=ldap_open ("dir.host.name", LDAP_PORT)
    where ld is the connection handle for subsequent LDAP APIs.


3.  The Printer object invokes an ldap "bind" API to authenticate with the
    directory server.


    Example:  ldap_simple_bind_s (ld, dn, NULL) which does a simple
    authentication without a password.


4.  The Printer object invokes the ldap_modify or ldap_modify_s API to
    define the objective attributes for the Printer object entry as
    identified by is Distinguished Name (dn).


    Example:  ldap_modify_s (ld, dn, mods) where mods is a NULL-terminated
    array of objective attributes and values to add or modify in the directory
    entry.


5.  The Printer object invokes the ldap_unbind API to close the connection
    to the directory server.


    Example:  ldap_unbind (ld)


When one or more objective attributes are modified for a Printer object, the
Printer object repeats steps 2-5 to update the modified objective attributes
in its directory entry.


To locate a Printer object entry using LDAP, a program can use the ldap_search
or ldap_search_s API or a user can specify an LDAP URL.  For example, to
locate all Printer objects that support duplex, a user can specify URL:


ldap:///dir.host.name???(sides-supported=2-sided-long-binding-edge)


KC-> We need a printer object class (see answer to issue below).  This
KC-> changes the search example to the following:
KC->
KC->   ldap:///dir.host.name???(&(objectClass=printer)
KC->          (sides-supported=2-sided-long-binding-edge))


ISSUE:  Should one filter the search for an object class of Printer?  Do we
need to define this object class?  If so, how?


KC->  We need a printer object class.  The printer class should be
KC->  subclass of the device class already defined in X.500.
KC->
KC->  printer  OBJECT-CLASS  ::= {
KC->    SUBCLASS OF    {device}
KC->    MUST CONTAIN   {list of mandatory attributes}
KC->    MAY CONTAIN    {list of optional attributes}
KC->
KC->  I'll find out the process for defining a printer class upon my return
KC->  to the office on 12/2.


Please refer to the following RFCs for more information on LDAP:


RFC 1777 - Lightweight Directory Access Protocol
RFC 1823 - The LDAP Application Program Interface
RFC 1959 - An LDAP URL Format
RFC 1960 - A String Representation of LDAP Search Filters


Keith



More information about the Ipp mailing list