[ https://jira.nuxeo.org/browse/NXP-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=69783#action_69783 ]

Olivier Grisel commented on NXP-4685:
-------------------------------------

I am currently having a look at integrating your patch. On a private channel 
you said:

"We would need to create an extension of the nuxeo-platform-directory-ldap 
module, implementing the necessary DNS resolution functionality to query the 
SRV record. 

The LDAP functionality through JNDI should have allowed this through the form 
'ldap:///dc=ad,dc=pvt' however testing this on dev has proved this does not 
work, the new extension should provide the logic to handle this form."

Indeed, JNDI's documentation states that SRV records should be resolved 
automatically:

  http://java.sun.com/j2se/1.5.0/docs/guide/jndi/jndi-ldap.html#URLs

Can you please give more details on what did not work? Did you have no error 
messages? Were the DNS requests issued by the JVM or not?

Furthermore it does not mention the custom GC prefix. I guess that having the 
ability to handle the Active Directory GC SRV records and not just the standard 
"_ldap._tcp." is enough to justify a custom implementation of the SRV record 
resolution not based on JNDI implementation.



> LDAP implementation should support retrieval of LDAP servers through DNS SRV 
> records
> ------------------------------------------------------------------------------------
>
>                 Key: NXP-4685
>                 URL: https://jira.nuxeo.org/browse/NXP-4685
>             Project: Nuxeo Enterprise Platform
>          Issue Type: New Feature
>          Components: Directory
>            Reporter: Robert Browning
>         Attachments: nuxeo-platform-directory-ldap-commit.patch
>
>
> To enable dynamic lookup of LDAP server URLs the LDAPServerDescriptor and 
> associated classes should be able to handle URLs of the format 
> 'ldap:///dc=nuxeo,dc=org' where the hostport part of the URI is empty. 
> This should query the dns server for the service record _ldap._tcp.nuxeo.org 
> to retrieve a list of servers providing the ldap service for the specified 
> domain.
> The service identifier should be modifiable to allow flexible use of other 
> ldap services registered under different service records, for example use of 
> the Global Cache as provided by Microsoft Active Directory which uses the 
> _gc._tcp prefix.
> The resultant DNS queries should be cached (with expiry) to prevent the need 
> for repeated DNS querying and parsing whilst allowing changes to the network 
> structure to have minimal effect on the operation of the server.

_______________________________________________
ECM-tickets mailing list
[email protected]
http://lists.nuxeo.com/mailman/listinfo/ecm-tickets
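
The lookup requested in the issue above, as an added example (it is not the attached patch and not Nuxeo code): derive the domain from the base DN of an 'ldap:///dc=...' URL, query a configurable SRV prefix through the JDK's JNDI DNS provider, cache the answer with an expiry, and build ordered server URLs. The class name, the 5-minute TTL and the sample host names are assumptions, and ordering by priority then weight is a simplification of weighted SRV selection.

```java
import javax.naming.NamingException;
import javax.naming.directory.*;
import java.util.*;
public class LdapSrvLookup {
    static final long TTL_MS = 300_000; // assumed cache lifetime (5 minutes)
    static final Map<String, Map.Entry<Long, List<String>>> CACHE = new HashMap<>();

    // "dc=nuxeo,dc=org" -> "nuxeo.org"
    static String domainOf(String baseDn) {
        StringJoiner domain = new StringJoiner(".");
        for (String rdn : baseDn.split(",")) {
            String[] kv = rdn.trim().split("=", 2);
            if (kv.length == 2 && kv[0].trim().equalsIgnoreCase("dc")) domain.add(kv[1].trim());
        }
        if (domain.length() == 0) throw new IllegalArgumentException("no dc= in " + baseDn);
        return domain.toString();
    }

    // SRV RDATA is "priority weight port target."; lowest priority first, then highest weight.
    static List<String> toUrls(List<String> rdata, String baseDn) {
        List<String[]> recs = new ArrayList<>();
        for (String r : rdata) recs.add(r.trim().split("\\s+"));
        recs.removeIf(f -> f.length != 4); // drop malformed answers
        recs.sort(Comparator.<String[]>comparingInt(f -> Integer.parseInt(f[0]))
                .thenComparingInt(f -> -Integer.parseInt(f[1])));
        List<String> urls = new ArrayList<>();
        for (String[] f : recs) urls.add("ldap://" + f[3].replaceAll("\\.$", "") + ":" + f[2] + "/" + baseDn);
        return urls;
    }

    // prefix is the configurable service record, e.g. "_ldap._tcp" or "_gc._tcp".
    static synchronized List<String> resolve(String prefix, String baseDn) throws NamingException {
        String name = prefix + "." + domainOf(baseDn);
        Map.Entry<Long, List<String>> hit = CACHE.get(name);
        if (hit == null || hit.getKey() < System.currentTimeMillis()) { // missing or expired
            Hashtable<String, String> env = new Hashtable<>();
            env.put("java.naming.factory.initial", "com.sun.jndi.dns.DnsContextFactory");
            DirContext ctx = new InitialDirContext(env);
            try {
                Attribute srv = ctx.getAttributes(name, new String[] {"SRV"}).get("SRV");
                List<String> rdata = new ArrayList<>();
                for (int i = 0; srv != null && i < srv.size(); i++) rdata.add(srv.get(i).toString());
                hit = new AbstractMap.SimpleEntry<>(System.currentTimeMillis() + TTL_MS, rdata);
                CACHE.put(name, hit);
            } finally { ctx.close(); }
        }
        return toUrls(hit.getValue(), baseDn);
    }
    public static void main(String[] args) { // constructed SRV answers, so this runs offline
        System.out.println(toUrls(Arrays.asList("10 50 389 ldap2.nuxeo.org.", "0 100 389 ldap1.nuxeo.org."), "dc=nuxeo,dc=org"));
    }
}
```

The server list produced this way is only as trustworthy as the DNS answers behind it, so TLS with certificate validation on the resulting connections is what authenticates the directory server.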
