Using DNS to implement a meta-domain scheme

IP.com Disclosure Number: IPCOM000014244D
Original Publication Date: 2001-Apr-01
Included in the Prior Art Database: 2003-Jun-19
Document File: 2 page(s) / 40K

Publishing Venue

IBM

Abstract

Disclosed is a technique for publishing and categorizing information about LDAP servers in the Domain Name System (DNS). This invention makes it possible to locate an LDAP server, using DNS, that meets the specific needs of the application. For example, a user might need to authenticate to a particular security domain, using the LDAP server that supports the user's security domain.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 75% of the total text.

IBM* has implemented an LDAP service locator function that uses information stored in DNS to locate LDAP servers. Essentially, the application looks for SRV records tagged with "ldap.tcp" to easily identify a set of LDAP servers, along with their associated host names, IP addresses and other interesting information.

The invention described here is an extension that permits groups of LDAP servers to be categorized into "security domains", also called "enetwork domains". To group a set of servers together, the name of the enetwork domain is simply added to the search tag, as shown below. The technique described here can also be used for other types of services, not just LDAP.

The following DNS record depicts the information that must be added to DNS to simply find an LDAP server.

ldap.tcp SRV 0 0 0 sampleldap

The following DNS record depicts how the invention is used when configuring DNS in such a way as to group LDAP servers into different categories, such as marketing:

ldap.marketing.tcp SRV 0 0 0 sampleldap
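
The lookup described above, as an added example that is not part of the original disclosure: it builds the search tag with an optional enetwork domain and selects matching SRV records from zone text in the layout shown above. The function names, the extra host names and the single-label check on the domain name are assumptions made for this illustration.

```python
import re

# Constructed sample records in the layout the disclosure uses:
# <owner> SRV <priority> <weight> <port> <target>
SAMPLE_ZONE = """\
ldap.tcp SRV 0 0 0 sampleldap
ldap.marketing.tcp SRV 0 0 0 mktldap1
ldap.marketing.tcp SRV 10 0 0 mktldap2
ldap.finance.tcp SRV 0 0 0 finldap
"""

# One DNS label: letters, digits, hyphens, no dots, at most 63 characters.
LABEL = re.compile(r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?")


def search_tag(service, proto, domain=None):
    """Build the owner name to query, e.g. ldap.marketing.tcp (hypothetical helper)."""
    labels = [service] + ([domain] if domain is not None else []) + [proto]
    labels = [label.lower() for label in labels]
    for label in labels:
        # Assumption added here: accept single labels only, so a domain value
        # such as "marketing.tcp.other" cannot change which name is queried.
        if not LABEL.fullmatch(label):
            raise ValueError(f"not a single DNS label: {label!r}")
    return ".".join(labels)


def parse_srv(zone_text):
    """Parse zone lines into (owner, priority, weight, port, target) tuples."""
    records = []
    for line in zone_text.splitlines():
        fields = line.split()
        if len(fields) != 6 or fields[1].upper() != "SRV":
            continue  # skip blank lines and other record types
        owner, _, prio, weight, port, target = fields
        records.append((owner.lower(), int(prio), int(weight), int(port), target))
    return records


def locate(zone_text, service, proto, domain=None):
    """Return the targets published under the tag, lowest priority value first."""
    tag = search_tag(service, proto, domain)
    hits = [r for r in parse_srv(zone_text) if r[0] == tag]
    return [r[4] for r in sorted(hits, key=lambda r: r[1])]


if __name__ == "__main__":
    print(locate(SAMPLE_ZONE, "ldap", "tcp"))
    print(locate(SAMPLE_ZONE, "ldap", "tcp", "marketing"))
```
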

This...