Lightweight Directory Access Protocol (v3): Extensions for Dynamic Directory Services
RFC 2589

Document Type RFC - Proposed Standard (May 1999; No errata)
Authors Yoram Yaacovi, Tony Genovese, Mark Wahl
Last updated 2013-03-02
Stream IETF
Network Working Group                                         Y. Yaacovi
Request for Comments: 2589                                     Microsoft
Category: Standards Track                                        M. Wahl
                                            Innosoft International, Inc.
                                                             T. Genovese
                                                                May 1999

              Lightweight Directory Access Protocol (v3):
               Extensions for Dynamic Directory Services

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (1999).  All Rights Reserved.

1.  Abstract

   This document defines the requirements for dynamic directory services
   and specifies the format of request and response extended operations
   for supporting client-server interoperation in a dynamic directories

   The Lightweight Directory Access Protocol (LDAP) [1] supports
   lightweight access to static directory services, allowing relatively
   fast search and update access.  Static directory services store
   information about people that persists in its accuracy and value over
   a long period of time.

   Dynamic directory services are different in that they store
   information that only persists in its accuracy and value when it is
   being periodically refreshed.  This information is stored as dynamic
   entries in the directory.  A typical use will be a client or a person
   that is either online - in which case it has an entry in the
   directory, or is offline - in which case its entry disappears from
   the directory.  Though the protocol operations and attributes used by
   dynamic directory services are similar to the ones used for static
   directory services, clients that store dynamic information in the
   directory need to periodically refresh this information, in order to
   prevent it from disappearing.  If dynamic entries are not refreshed
   within a given timeout, they will be removed from the directory.  For
   example, this will happen if the client that set them goes offline.

   A flow control mechanism from the server is also described that
   allows a server to inform clients how often they should refresh their

2. Requirements

   The protocol extensions must allow accessing dynamic information in a
   directory in a standard LDAP manner, to allow clients to access
   static and dynamic information in the same way.

   By definition, dynamic entries are not persistent and clients may go
   away gracefully or not.  The proposed extensions must offer a way for
   a server to tell if entries are still valid, and to do this in a way
   that is scalable.  There also must be a mechanism for clients to
   reestablish their entry with the server.

   There must be a way for clients to find out, in a standard LDAP
   manner, if servers support the dynamic extensions.

   Finally, to allow clients to broadly use the dynamic extensions, the
   extensions need to be registered as standard LDAP extended

3. Description of Approach

   The Lightweight Directory Access Protocol (LDAP) [1] permits
   additional operation requests and responses to be added to the
   protocol.  This proposal takes advantage of these to support
   directories which contain dynamic information in a manner which is
   fully integrated with LDAP.

   The approach described in this proposal defines dynamic entries in
   order to allow implementing directories with dynamic information.  An
   implementation of dynamic directories must be able to support
   dynamic directory entries.

3.1. Dynamic Entries and the dynamicObject object class

   A dynamic entry is an object in the directory tree which has a time-
   to-live associated with it.  This time-to-live is set when the entry
   is created.  The time-to-live is automatically decremented, and when
   it expires the dynamic entry disappears.  By invoking the refresh
   extended operation (defined below) to re-set the time-to-live, a
   client can cause the entry to remain present a while longer.
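
   The time-to-live lifecycle described above, as an added example
   that is not part of RFC 2589: a toy in-memory model in Python, not
   an LDAP server.  The MIN_TTL/MAX_TTL bounds, the clamping policy,
   the class and method names and the sample DN are assumptions.

```python
from dataclasses import dataclass, field

# Assumed server policy bounds (seconds); the text above fixes no values.
MIN_TTL, MAX_TTL = 15, 3600


@dataclass
class DynamicDirectory:
    now: int = 0                                  # injectable clock (seconds)
    expiry: dict = field(default_factory=dict)    # DN -> absolute expiry time

    def _purge(self):
        # Entries whose time-to-live has run out disappear.
        for dn in [d for d, t in self.expiry.items() if t <= self.now]:
            del self.expiry[dn]

    def _grant(self, dn, requested_ttl):
        # Assumed policy: the server clamps the request and reports the result.
        granted = max(MIN_TTL, min(MAX_TTL, int(requested_ttl)))
        self.expiry[dn] = self.now + granted
        return granted

    def add(self, dn, ttl):
        self._purge()
        if dn in self.expiry:
            raise ValueError("entry already exists: " + dn)
        return self._grant(dn, ttl)

    def refresh(self, dn, requested_ttl):
        """Re-set the TTL; returns the granted TTL, or None if the entry is gone."""
        self._purge()
        if dn not in self.expiry:
            return None          # client has to re-establish (re-add) its entry
        return self._grant(dn, requested_ttl)

    def exists(self, dn):
        self._purge()
        return dn in self.expiry


def demo():
    dn = "cn=alice,ou=online,dc=example,dc=com"   # constructed sample DN
    d = DynamicDirectory()
    out = [d.add(dn, 60)]                 # request within bounds is granted as-is
    d.now += 50
    out.append(d.refresh(dn, 10**9))      # oversized request clamped to MAX_TTL
    d.now += MAX_TTL
    out.append(d.exists(dn))              # TTL ran out with no refresh
    out.append(d.refresh(dn, 60))         # too late: entry is gone
    return out
```

   Clamping on the server side keeps a client from pinning an entry
   in the directory indefinitely with a single oversized refresh.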

   A dynamic entry is created by including the objectClass value given
   in section 5 in the list of attributes when adding an entry.  This