An Approach for Using LDAP as a Network Information Service (RFC2307)
Original Publication Date: 1998-Mar-01
Included in the Prior Art Database: 2019-Feb-15
Internet Society Requests For Comment (RFCs)
This document describes an experimental mechanism for mapping entities related to TCP/IP and the UNIX system into X.500 entries so that they may be resolved with the Lightweight Directory Access Protocol [RFC2251]. This memo defines an Experimental Protocol for the Internet community. It does not specify an Internet standard of any kind. Discussion and suggestions for improvement are requested.
Network Working Group L. Howard Request for Comments: 2307 Independent Consultant Category: Experimental March 1998
An Approach for Using LDAP as a Network Information Service
Status of this Memo
This memo defines an Experimental Protocol for the Internet community. It does not specify an Internet standard of any kind. Discussion and suggestions for improvement are requested. Distribution of this memo is unlimited.
Copyright (C) The Internet Society (1998). All Rights Reserved.
This document describes an experimental mechanism for mapping entities related to TCP/IP and the UNIX system into X.500 [X500] entries so that they may be resolved with the Lightweight Directory Access Protocol [RFC2251]. A set of attribute types and object classes are proposed, along with specific guidelines for interpreting them.
The intention is to assist the deployment of LDAP as an organizational nameservice. No proposed solutions are intended as standards for the Internet. Rather, it is hoped that a general consensus will emerge as to the appropriate solution to such problems, leading eventually to the adoption of standards. The proposed mechanism has already been implemented with some success.
1. Background and Motivation
The UNIX (R) operating system, and its derivatives (specifically, those which support TCP/IP and conform to the X/Open Single UNIX specification [XOPEN]) require a means of looking up entities, by matching them against search criteria or by enumeration. (Other operating systems that support TCP/IP may provide some means of resolving some of these entities. This schema is applicable to those environments also.)
These entities include users, groups, IP services (which map names to IP ports and protocols, and vice versa), IP protocols (which map names to IP protocol numbers and vice versa), RPCs (which map names to ONC Remote Procedure Call [RFC1057] numbers and vice versa), NIS
Howard Experimental [Page 1]
RFC 2307 Using LDAP as a Network Information Service March 1998
netgroups, booting information (boot parameters and MAC address mappings), filesystem mounts, IP hosts and networks, and RFC822 mail aliases.
Resolution requests are made through a set of C functions, provided in the UNIX system’s C library. For example, the UNIX system utility "ls", which enumerates the contents of a filesystem directory, uses the C library function getpwuid() in order to map user IDs to login names. Once the request is made, it is resolved using a "nameservice" which is supported by the client library. The nameservice may be, at its simplest, a collection of files in the local filesystem which are opened and searched by the C library. Other common nameservices include the Network Information Service (NIS) and the Domain Name System (DNS). (The latter is typically used for resolving hosts, services and networks.) Both these nameservices have the advantage of being distributed and thus permitting a common set of entities to be shared among...