2007/663 Winchester directory-based name mapping [FastTrack timeout 11/30/2007]

James Carlson james.d.carlson at sun.com
Wed Nov 21 09:27:15 PST 2007 

Nicolas Williams writes:
> On Wed, Nov 21, 2007 at 10:01:20AM -0500, James Carlson wrote:
> > The logical conclusion is that you'll probably need to associate
> > attribute names with particular LDAP servers, and I don't see how
> > that'd be done with this proposal.
> 
> Not particular LDAP servers but particular domains.

OK, yes, that's what I meant.  There's no good way to do that, is
there?

(I'm thinking ahead to what this means for NWAM.  I'm not sure how a
user would manage that sort of configuration.)

> > This sounds at least a little messy, as though we're handing users a
> > kit of parts and telling them to build a system out of it.  Is there
> > any way we can avoid exposing so much of the internal design to users?
> > Why can't there be default names reserved?
> 
> We've been asked to provide a feature found in other products, and this
> is what they do.

I understand that.  I was hoping we could manage to do better, though.
(My mother would ask, "if all your friends decided to jump off a
bridge, would you?")

Can we at least suggest some recommended names?  If nothing else,
that'll encourage more people to set up their systems that way by
default and lessen the chance of having the service just break in
ordinary use.

> > >  o Use of libsldap
> > > 
> > >    libsldap is Contracted Consolidation Private.  The i-team in this
> > >    case is part of the netrep team, which owns libsldap, therefore no
> > >    contract should be needed.
> > 
> > Architectural issues have nothing to do with the management structure
> > or the project team composition.
> > 
> > Is this project delivering through the same consolidation as libsldap?
> 
> Yes.

In that case, the fact that it's "Contracted" is immaterial.

It's Consolidation Private, which means that others in the
consolidation may use it without needing any special coordination.

(I suspect that someone is laboring under a misunderstanding of the
"Contracted" modifier.  It means that contracts *exist* on the
interface, and thus it serves as a warning to the supplier that the
interface can't change the way the supplier would expect, and does not
mean that contracts are *required.*  The requirement for contracts
follows the natural usage boundaries of the interface: if you're in
the same consolidation, then Consolidation Private is open to you,
otherwise it requires a contract.)

-- 
James Carlson, Solaris Networking              <james.d.carlson at sun.com>
Sun Microsystems / 35 Network Drive        71.232W   Vox +1 781 442 2084
MS UBUR02-212 / Burlington MA 01803-2757   42.496N   Fax +1 781 442 1677

More information about the opensolaris-arc mailing list