Storing Vendor Information in the LDAP root DSE
RFC 3045
| Document | Type |
RFC - Informational
(January 2001; No errata)
Was draft-mmeredith-rootdse-vendor-info (individual)
|
|
|---|---|---|---|
| Last updated | 2013-03-02 | ||
| Stream | Legacy | ||
| Formats | plain text html pdf htmlized bibtex | ||
| Stream | Legacy state | (None) | |
| Consensus Boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | RFC 3045 (Informational) | |
| Telechat date | |||
| Responsible AD | (None) | ||
| Send notices to | (None) | ||
Network Working Group M. Meredith
Request for Comments: 3045 Novell Inc.
Category: Informational January 2001
Storing Vendor Information in the LDAP root DSE
Status of this Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2001). All Rights Reserved.
Abstract
This document specifies two Lightweight Directory Access Protocol
(LDAP) attributes, vendorName and vendorVersion that MAY be included
in the root DSA-specific Entry (DSE) to advertise vendor-specific
information. These two attributes supplement the attributes defined
in section 3.4 of RFC 2251.
The information held in these attributes MAY be used for display and
informational purposes and MUST NOT be used for feature advertisement
or discovery.
Conventions used in this document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2219]
1. Overview
LDAP clients discover server-specific data--such as available
controls, extensions, etc.--by reading the root DSE. See section 3.4
of [RFC2251] for details.
For display, information, and limited function discovery, it is
desirable to be able to query an LDAP server to determine the vendor
name of that server and also to see what version of that vendor's
code is currently installed.
Meredith Informational [Page 1]
RFC 3045 LDAP Root DSE to Display Vendor Information January 2001
1.1 Function discovery
There are many ways in which a particular version of a vendor's LDAP
server implementation may be functionally incomplete, or may contain
software anomalies. It is impossible to identify every known
shortcoming of an LDAP server with the given set of server data
advertisement attributes. Furthermore, often times, the anomalies of
an implementation are not found until after the implementation has
been distributed, deployed, and is in use.
The attributes defined in this document MAY be used by client
implementations in order to identify a particular server
implementation so that it can 'work around' such anomalies.
The attributes defined in this document MUST NOT be used to gather
information related to supported features of an LDAP implementation.
All LDAP features, mechanisms, and capabilities--if advertised--MUST
be advertised through other mechanisms, preferably advertisement
mechanisms defined in concert with said features, mechanisms, and
capabilities.
2. Attribute Types
These attributes are an addition to the Server-specific Data
Requirements defined in section 3.4 of [RFC2251]. The associated
syntaxes are defined in section 4 of [RFC2252].
Servers MAY restrict access to vendorName or vendorVersion and
clients MUST NOT expect these attributes to be available.
2.1 vendorName
This attribute contains a single string, which represents the name of
the LDAP server implementer.
All LDAP server implementations SHOULD maintain a vendorName, which
is generally the name of the company that wrote the LDAP Server code
like "Novell, Inc."
( 1.3.6.1.1.4 NAME 'vendorName' EQUALITY
1.3.6.1.4.1.1466.109.114.1 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
2.2 vendorVersion
This attribute contains a string which represents the version of the
LDAP server implementation.
Meredith Informational [Page 2]
RFC 3045 LDAP Root DSE to Display Vendor Information January 2001
All LDAP server implementations SHOULD maintain a vendorVersion.
Note that this value is typically a release value--comprised of a
string and/or a string of numbers--used by the developer of the LDAP
server product (as opposed to the supportedLDAPVersion, which
specifies the version of the LDAP protocol supported by this server).
This is single-valued so that it will only have one version value.
This string MUST be unique between two versions, but there are no
other syntactic restrictions on the value or the way it is formatted.
( 1.3.6.1.1.5 NAME 'vendorVersion' EQUALITY
1.3.6.1.4.1.1466.109.114.1 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE NO-USER-MODIFICATION USAGE dSAOperation )
The intent behind the equality match on vendorVersion is to not allow
a less than or greater than type of query. Say release "LDAPv3 8.0"
has a problem that is fixed in the next release "LDAPv3 8.5", but in
the mean time there is also an update release say version "LDAPv3
Show full document text