ldap-id.ms revision 174294
.pl 10.0i
.po 0
.ll 8.5i
.lt 8.5i
.nr LL 8.5i
.nr LT 8.5i
.ds LF Johansson
.ds RF [Page %]
.ds CF
.ds LH Internet draft
.ds RH 30 March 1998
.ds CH Berkeley AMD LDAP Schema
.hy 0
.ad l
.in 0
INTERNET-DRAFT                                      Leif Johansson
Intended Category: Experimental                 Stockholm University



.ce
A directory (X.500 and LDAPv3) schema for Berkeley automounter


.ti 0
1. Status of this Memo

.fi
.in 3
This memo describes a directory (LDAP or X.500) schema for storing
amd (Berkeley-style automounter) mount info maps. The schema is currently
being supported by the (beta version of the) am-utils version 6 package
[AMUTILS].

.ti 0
2. Overview and Rationale

Directory services such as X.500 [X500] or LDAP [RFC2251] are a natural
choice of repository for amd mount map databases. All Object Identifiers
in this document are prefixed by amdSchema-id to be assigned later. The
relation between this schema and the automount schema elements in [HOWARD]
is mostly superficial. The model for the elements in [HOWARD] was the SUN
automounter, which has quite a different syntax for mount maps. Furthermore
the intended usage of this schema differs from that of [HOWARD] in many
respects.

.ti 0
3. DSA requirements

Directory servers implementing this schema SHOULD maintain the
modifyTimestamp operational attribute. If not, the amdMapCacheTtl
attribute SHOULD be set to 0, indicating to clients that caching of
map entries SHOULD be turned off. Clients wishing to use the amdMap
schema MAY use the modifyTimestamp information to set the ttl for
internal caching schemes. A value of 0 for the amdMapCacheTtl must
result in clients turning off any local caching.

.ti 0
4. Syntax definitions

The following attribute syntax is defined in this document:

    amdlocationlist

This syntax represents an amd map value. This is the syntax expressed
in BNF using definitions from [RFC2252]:

    amdlocationlist      = amdlocationselection |
                           amdlocationlist whsp "||" whsp amdlocationselection

    amdlocationselection = amdlocation |
                           amdlocationselection whsp amdlocation

    amdlocation          = amdlocationinfo |
                           "-" amdlocationinfo |
                           "-"

    amdlocationinfo      = seloropt |
                           amdlocationinfo ";" seloropt |
                           ";"

    seloropt             = selection |
                           optass

    selection            = keystring "==" printablestring |
                           keystring "!=" printablestring

    optass               = keystring ":=" printablestring

X.500 servers or LDAPv3 servers (supporting the binary attribute
option) may use the following syntax definition:

    AmdLocationList ::= SEQUENCE OF {
        SEQUENCE OF {
            location    AmdLocation
        }
    }

    AmdLocation ::= SET OF {
        CHOICE {
            location     [0] AmdLocationInfo
            notlocation  [1] AmdLocationInfo
            not          [2] NULL
        }
    }

    AmdLocationInfo ::= SET OF {
        CHOICE {
            selection    [0] AmdSelection
            option       [1] AmdOption
        }
    }

    AmdSelection ::= CHOICE {
        eq  [0] AttributeAndValue
        ne  [1] AttributeAndValue
    }

    AmdOption ::= AttributeAndValue

    AttributeAndValue ::= SEQUENCE {
        attribute   IA5String
        value       IA5String
    }

.ti 0
5. Attribute types

The following attribute types are defined in this document:

    amdMapName
    amdMapCacheTtl
    amdMapEntry
    amdMapEntryKey
    amdMapEntryValue

    amdSchema-a OBJECT IDENTIFIER ::= { amdSchema-id 1 }

    amdMapName
        ATTRIBUTE ::= {
            WITH SYNTAX IA5String
            EQUALITY MATCHING RULE caseIgnoreExactMatch
            --ID { amdSchema-a 1 }
            DESCRIPTION
                "This attribute is the symbolic and in the naming
                 context unique name of an amd map. This corresponds
                 in the case of a flat file database to the name of
                 the file or the mount-point of the map."
        }


    amdMapCacheTtl
        ATTRIBUTE ::= {
            WITH SYNTAX Integer
            EQUALITY MATCHING RULE integerExactMatch
            --ID { amdSchema-a 2 }
            SINGLE VALUED
            DESCRIPTION
                "The maximum time-to-live for the entries in this
                 map. After this many milliseconds the map has to
                 be cleared from local caches and reloaded. A value
                 of 0 disables caching."
        }

    amdMapEntry
        ATTRIBUTE ::= {
            WITH SYNTAX DistinguishedName
            EQUALITY MATCHING RULE dNCaseIgnoreExactMatch
            --ID { amdSchema-a 3 }
            DESCRIPTION
                "A multivalued attribute listing the distinguished
                 names of the amdMapEntries making up this amdMap
                 object."
        }

    amdMapEntryKey
        ATTRIBUTE ::= {
            WITH SYNTAX IA5String
            EQUALITY MATCHING RULE stringExactMatch
            --ID { amdSchema-a 4 }
            SINGLE VALUED
            DESCRIPTION
                "The value of this attribute is usually the name of
                 a mountpoint for this amdMapEntry."
        }

    amdMapEntryValue
        ATTRIBUTE ::= {
            WITH SYNTAX AmdLocationList
            --ID { amdSchema-a 5 }
            DESCRIPTION
                "This is the actual mount information for the amdMapEntry
                 using the syntax described above."
        }

.ti 0
6. Object classes

The following object classes are defined in this document:

    amdMap
    amdMapEntry

defined as follows:

    amdSchema-oc ::= { amdSchema-id 2 }

    amdMap OBJECT-CLASS ::= {
        SUBCLASS OF { top }
        KIND auxiliary
        --ID { amdSchema-oc 1 }
        MAY CONTAIN { amdMapCacheTtl , cn }
        MUST CONTAIN { amdMapName , amdMapEntry }
    }

    amdMapEntry OBJECT-CLASS ::= {
        SUBCLASS OF { top }
        KIND structural
        --ID { amdSchema-oc 2 }
        MUST CONTAIN {
            amdMapName ,
            amdEntryKey ,
            amdEntryValue ,
        }
        MAY CONTAIN { cn }
        DESCRIPTION
            "An entry of this object class describes mount
             information relative to a certain amdMap entry"
    }

.ti 0
7. Examples



.ti 0
8. Security Considerations

Due to the security problems posed by NFS, care should be taken not to
advertise exported filesystems. Therefore it is often desirable to limit
access to entries carrying amd mount map information to those systems
to which the corresponding filesystems have been exported.

.ti 0
9. References

    [AMUTILS]
        am-utils homepage: http://shekel.cs.columbia.edu/~erez/am-utils.html

    [RFC2251]
        M. Wahl, T. Howes, S. Kille, "Lightweight Directory Access
        Protocol (v3)", RFC 2251, December 1997.

    [RFC2252]
        M. Wahl, A. Coulbeck, T. Howes, S. Kille, "Lightweight Directory
        Access Protocol (v3): Attribute Syntax Definitions", RFC 2252,
        December 1997.

    [RFC2253]
        M. Wahl, S. Kille, T. Howes, "Lightweight Directory Access
        Protocol (v3): UTF-8 String Representation of Distinguished
        Names", RFC 2253, December 1997.

    [HOWARD]
        Luke Howard, "An Approach for Using LDAP as a Network
        Information Service", draft-howard-nis-schema-??.txt, Internet
        draft.

    [X500]
        ITU something or other.

.in 3


.ti 0
Author's Address

.nf

Leif Johansson
Department of Mathematics
Stockholm University
S-106 91 Stockholm
SWEDEN

Email: leifj@matematik.su.se
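
The amdlocationlist string syntax of section 4, written as a strict validating parser for checking map values fetched from a directory before they reach the automounter. This is an added example, not part of the draft or of am-utils; the function names, the result tags (borrowed from the ASN.1 field names) and the simplified keystring and printablestring character sets are assumptions.

```python
import re

# Simplified RFC 2252 terminals (assumption): keystring is a letter followed by
# letters, digits or "-"; printablestring is RFC 2252 PrintableString minus the
# space, because whitespace separates locations in this grammar.
SELOROPT = re.compile(r'([A-Za-z][A-Za-z0-9-]*)(==|!=|:=)([A-Za-z0-9"()+,\-./:?]+)')
KIND = {"==": "eq", "!=": "ne", ":=": "option"}


def parse_info(text):
    """amdlocationinfo: a lone ";" or seloropt items separated by ";"."""
    if text == ";":
        return []
    items = []
    for part in text.split(";"):
        m = SELOROPT.fullmatch(part)
        if m is None:
            raise ValueError(f"bad selection or option: {part!r}")
        items.append((KIND[m.group(2)], m.group(1), m.group(3)))
    return items


def parse_location(text):
    """amdlocation: info, "-" info, or a bare "-" (tags follow the ASN.1 names)."""
    if text == "-":
        return ("not", [])
    if text.startswith("-"):
        return ("notlocation", parse_info(text[1:]))
    return ("location", parse_info(text))


def parse_amdlocationlist(value):
    """Return a list of selections; each selection is a list of locations."""
    if not value.strip():
        raise ValueError("empty amdlocationlist")
    selections = []
    for chunk in re.split(r"\s+\|\|\s+", value.strip()):
        words = chunk.split()
        if not words:
            raise ValueError("empty amdlocationselection")
        selections.append([parse_location(w) for w in words])
    return selections


# Constructed sample value, not taken from the draft.
SAMPLE = "-type:=nfs;rhost:=fs1 host==fs1;type:=link;fs:=/export/home || type:=nfs;rfs:=/export/home"
```

Any value containing characters outside the simplified sets, or a dangling ";" or "||", raises ValueError instead of being passed on.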