Internet-Draft                                                Ryan Moats
draft-moats-finding-00.txt                                          AT&T
Expires in six months                                     September 1997




                        How to find LDAP servers
                  Filename: draft-moats-finding-00.txt


Status of This Memo

      This document is an Internet-Draft.  Internet-Drafts are working
      documents of the Internet Engineering Task Force (IETF), its
      areas, and its working groups.  Note that other groups may also
      distribute working documents as Internet-Drafts.

      Internet-Drafts are draft documents valid for a maximum of six
      months and may be updated, replaced, or obsoleted by other
      documents at any time.  It is inappropriate to use Internet-
      Drafts as reference material or to cite them other than as ``work
      in progress.''

      To learn the current status of any Internet-Draft, please check
      the ``1id-abstracts.txt'' listing contained in the Internet-
      Drafts Shadow Directories on ftp.is.co.za (Africa), nic.nordu.net
      (Europe), munnari.oz.au (Pacific Rim), ds.internic.net (US East
      Coast), or ftp.isi.edu (US West Coast).

Abstract

   This document discusses methods available for LDAP server discovery
   and advertisement based on previous and ongoing IETF work.

1. Introduction

   The Lightweight Directory Access Protocol (LDAP) [1] can be used to
   build "islands" of servers that are not a priori tied into a single
   Directory Information Tree (DIT). In this case, it is necessary to
   determine how a client can discover an LDAP server and how LDAP
   servers can discover each other's existence. This document discusses
   the methods available based on current and previous IETF work.

2. Server Discovery of Other Servers

   An LDAP server discovers other LDAP servers either by using a proposed
   naming scheme and the DNS or by using an additional server-to-server
   indexing protocol.  Once a server discovers other servers it can
   collect information for returning LDAP v3 referrals to clients.

2.1. Discovery via DNS

   An LDAP server may either be registered using SRV records [2] or, if
   an LDAP server uses the "dc-naming" scheme [3], it can attempt to
   find the server managing its parent node by using DNS to look for the
   LDAP server for the parent domain. Additionally, an LDAP server may
   be named using a common alias as described in [4]. As an example, a
   server in domain foo.bar.com would first look for a SRV record for
   ldap.tcp.foo.bar.com, then for a SRV record for ldap.tcp.bar.com. If
   no SRV records were found, then the server would follow [4] by
   looking for ldap.foo.bar.com and lastly, for ldap.bar.com.
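
   The lookup order above, as an added example that is not part of the
   draft: it builds the four candidate names for foo.bar.com and resolves
   them against a constructed in-memory zone. The "ALIAS" label, the stop
   at a two-label parent, port 389 for alias hits and all zone data are
   assumptions made for the example.

```python
from typing import Callable, List, Optional, Sequence, Tuple

Query = Tuple[str, str]   # (lookup kind, owner name); "ALIAS" is a label made up here
LDAP_PORT = 389           # assumed port when only the alias name resolves


def candidate_queries(domain: str) -> List[Query]:
    """Ordered lookups for a server in `domain`: SRV names first, then aliases."""
    labels = domain.strip(".").lower().split(".")
    scopes = [".".join(labels)]
    # Assumption: climb to the parent only while it keeps two labels, so the
    # walk never asks about a bare top-level domain.
    if len(labels) > 2:
        scopes.append(".".join(labels[1:]))
    srv = [("SRV", "ldap.tcp." + s) for s in scopes]    # names as written in 2.1
    alias = [("ALIAS", "ldap." + s) for s in scopes]    # common alias per [4]
    return srv + alias


def find_ldap_server(domain: str, lookup: Callable[[Query], Optional[Sequence]]):
    """Return (query that matched, (host, port)) or None if nothing answers."""
    for query in candidate_queries(domain):
        answers = lookup(query)
        if not answers:
            continue
        if query[0] == "SRV":
            # SRV data is (priority, weight, port, target); lowest priority wins.
            _prio, _weight, port, target = min(answers, key=lambda rr: rr[0])
            return query, (target, port)
        return query, (answers[0], LDAP_PORT)
    return None


# Constructed zone data for the draft's foo.bar.com example (not real records).
ZONE = {
    ("SRV", "ldap.tcp.bar.com"): [(10, 0, 389, "dir2.bar.com"),
                                  (5, 0, 1389, "dir1.bar.com")],
    ("ALIAS", "ldap.foo.bar.com"): ["192.0.2.10"],
}

if __name__ == "__main__":
    for q in candidate_queries("foo.bar.com"):
        print(q)
    print(find_ldap_server("foo.bar.com", ZONE.get))
```

   Returning the query that matched alongside the host lets the caller
   record which step of the sequence produced the server it will contact.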

2.2. Discovery via the Common Indexing Protocol [5], [6]

   Independent of what DIT we are managing, LDAP servers could export
   index information about their portion of the tree via the Common
   Indexing Protocol.  This requires some a priori discovery and set up
   of the index mesh.

3. Client Discovery of LDAP Servers

   To discover an LDAP server, clients should follow the sequence of
   steps specified in [7] with the target service being LDAP.
   Alternatively, a client that supports DHCP may use the DHCP extension
   for LDAP server location as specified in [8].

4. Security Considerations

   Since this draft only summarizes available methods, it adds no
   additional security considerations to those inherent in the
   referenced documents.  Implementors are strongly recommended to read
   and follow the security considerations provided in the referenced
   documents.

5. Acknowledgments

   Many thanks to the members of the LSD working group for their
   contributions to previous drafts. The work described in this document
   is partially supported by the National Science Foundation,
   Cooperative Agreement NCR-9218179.

6. References

   Request For Comments (RFC) and Internet-Draft documents are
   available from <URL:ftp://ftp.internic.net> and numerous mirror
   sites.

         [1]         W. Yeong, T. Howes, S. Kille, "Lightweight
                     Directory Access Protocol," RFC 1777, March 1995.

         [2]         A. Gulbrandsen, P. Vixie, "A DNS RR for specifying
                     the location of services (DNS SRV)," RFC 2052,
                     October 1996.

         [3]         S. Kille, S. Sataluri, A. Grimstad, "Naming Plan
                     for an Internet Directory Service," Work In
                     Progress, March 19, 1997.

         [4]         M. Hamilton, R. Wright, "Use of DNS Aliases for
                     Network Services," Work In Progress, August, 1997.

         [5]         M. Mealling, J. Allen, "MIME Object Definitions for
                     the Common Indexing Protocol (CIP)," Work In
                     Progress, June 11, 1997.

         [6]         M. Mealling, J. Allen, "The Architecture of the
                     Common Indexing Protocol (CIP)," Work In Progress,
                     June 11, 1997.

         [7]         R. Moats, M. Hamilton, P. Leach, "Finding Stuff
                     (How to discover services)," Internet Draft (work
                     in progress), June 1997.

         [8]         L. Hedstrom, L. Howard, "DHCP Options for Locating
                     LDAP Servers," Internet Draft (work in progress),
                     July 1997.

7. Author's address

   Ryan Moats
   AT&T
   15621 Drexel Circle
   Omaha, NE 68135-2358
   USA

   Phone:  +1 402 894-9456
   EMail:  jayhawk@att.com









Expires 3/31/98                                                 [Page 3]