You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by Daan Hoogland <da...@gmail.com> on 2019/06/13 13:22:52 UTC
loading ldif in embedded server
LS,
I am embedding a server using
https://github.com/bkoehm/apacheds-embedded/pull/1 I have it running but
have a challenge loading ldif. Is there a documented way this can be done
in core in 2.0.0? I am not talking about schema, just user definitions and
groups.
thanks
--
Daan
Re: was and remains: loading ldif in embedded server
Posted by Emmanuel Lécharny <el...@gmail.com>.
On 14/06/2019 12:13, Daan Hoogland wrote:
> @Pierre, Do you ask me to add an extra ticket next to DIRSERVER-1844?
No need. The ticket is already self explanatory.
> @Emmanuel, I saw your argument against it in that ticket. So I was
> actually asking for a workaround. Is this a couple of days work for a
> newbee or for you? I can justify a day or so, but certainly not a week.
It's a day or two for me. The code itself would not be complex, the
biggest issue is to deal with the configuration addition.
I'll give it a try next week.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org
For additional commands, e-mail: dev-help@directory.apache.org
Re: was and remains: loading ldif in embedded server
Posted by Pierre Smits <pi...@apache.org>.
Hallo Daan,
Nope. Niet dus. ;)
I overlooked that there was already one pertaining this. Then I suggest
that you enhance that ticket with your comments. For now I referenced this
thread there.
Best regards,
Pierre Smits
*Apache Trafodion <https://trafodion.apache.org>, Vice President*
*Apache Directory <https://directory.apache.org>, PMC Member*
Apache Incubator <https://incubator.apache.org>, committer
*Apache OFBiz <https://ofbiz.apache.org>, contributor (without privileges)
since 2008*
Apache Steve <https://steve.apache.org>, committer
On Fri, Jun 14, 2019 at 12:13 PM Daan Hoogland <da...@gmail.com>
wrote:
> @Pierre, Do you ask me to add an extra ticket next to DIRSERVER-1844?
> @Emmanuel, I saw your argument against it in that ticket. So I was
> actually asking for a workaround. Is this a couple of days work for a
> newbee or for you? I can justify a day or so, but certainly not a week.
>
> regards,
>
> On Fri, Jun 14, 2019 at 11:41 AM Pierre Smits <pi...@apache.org>
> wrote:
>
>>
>> At face value this looks like a value-adding feature.
>>
>> @Daan: could you raise a ticket in our JIRA, and elaborate on the
>> requirements? E.g. reference this thread. A ticket will help in capturing
>> details, and enables (other) contributors to work on it.
>>
>> Best regards,
>>
>> Pierre Smits
>>
>> *Apache Trafodion <https://trafodion.apache.org>, Vice President*
>> *Apache Directory <https://directory.apache.org>, PMC Member*
>> Apache Incubator <https://incubator.apache.org>, committer
>> *Apache OFBiz <https://ofbiz.apache.org>, contributor (without
>> privileges) since 2008*
>> Apache Steve <https://steve.apache.org>, committer
>>
>>
>> On Fri, Jun 14, 2019 at 11:29 AM Emmanuel Lécharny <el...@gmail.com>
>> wrote:
>>
>>>
>>> On 14/06/2019 11:08, Daan Hoogland wrote:
>>> > H,
>>> > I got passed loading users
>>>
>>>
>>> Good !
>>>
>>>
>>> > and am facing the next point; the memberOf attribute. It is not
>>> > supposed to be in ADS yet, and as per the latest comment in
>>> > DIRSERVER-1844
>>> > <
>>> https://issues.apache.org/jira/browse/DIRSERVER-1844?focusedCommentId=16519598&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-16519598>
>>>
>>> > will probably not be implemented. Now I am testing against an embedded
>>> > ADS and need yto operate on a variety of LDAP servers, so I want to
>>> > have it anyway. Is there a way to hack it in?
>>> > I looked at the stackoverflow question about this
>>> > <
>>> https://stackoverflow.com/questions/11174835/add-memberof-attribute-to-apacheds>
>>>
>>> > but after loading the extra schema the warning "Requested attribute
>>> > memberOf does not exist in the schema, it will be ignored". I don't
>>> > care for the overhead for now but really need to test this
>>> functionality.
>>>
>>> So the whole idea of having the memberOf attribute implemented is to be
>>> able, to 'generate' it on the fly ie when searching for entries that are
>>> member of a 'groupOfNames' entry. A good description is given on
>>>
>>> https://www.openldap.org/doc/admin24/overlays.html#Reverse%20Group%20Membership%20Maintenance
>>>
>>>
>>> How to implement that in ApacheDS ? We would need to create a new
>>> Interceptor that acts upon a search operation by doing a search on
>>> entries containing the 'member' attribute with a DN associated to the
>>> entries being returned by the search. If we find some, then we create
>>> the 'memberOf' attribute and inject the group entry's DN into it.
>>>
>>> That is not really complex, except that if you want it to have good
>>> performance, you need to add an index on the 'member' attribute.
>>>
>>> It's a couple of days work, tests included.
>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org
>>> For additional commands, e-mail: dev-help@directory.apache.org
>>>
>>>
>
> --
> Daan
>
Re: was and remains: loading ldif in embedded server
Posted by Daan Hoogland <da...@gmail.com>.
@Pierre, Do you ask me to add an extra ticket next to DIRSERVER-1844?
@Emmanuel, I saw your argument against it in that ticket. So I was actually
asking for a workaround. Is this a couple of days work for a newbee or for
you? I can justify a day or so, but certainly not a week.
regards,
On Fri, Jun 14, 2019 at 11:41 AM Pierre Smits <pi...@apache.org>
wrote:
>
> At face value this looks like a value-adding feature.
>
> @Daan: could you raise a ticket in our JIRA, and elaborate on the
> requirements? E.g. reference this thread. A ticket will help in capturing
> details, and enables (other) contributors to work on it.
>
> Best regards,
>
> Pierre Smits
>
> *Apache Trafodion <https://trafodion.apache.org>, Vice President*
> *Apache Directory <https://directory.apache.org>, PMC Member*
> Apache Incubator <https://incubator.apache.org>, committer
> *Apache OFBiz <https://ofbiz.apache.org>, contributor (without privileges)
> since 2008*
> Apache Steve <https://steve.apache.org>, committer
>
>
> On Fri, Jun 14, 2019 at 11:29 AM Emmanuel Lécharny <el...@gmail.com>
> wrote:
>
>>
>> On 14/06/2019 11:08, Daan Hoogland wrote:
>> > H,
>> > I got passed loading users
>>
>>
>> Good !
>>
>>
>> > and am facing the next point; the memberOf attribute. It is not
>> > supposed to be in ADS yet, and as per the latest comment in
>> > DIRSERVER-1844
>> > <
>> https://issues.apache.org/jira/browse/DIRSERVER-1844?focusedCommentId=16519598&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-16519598>
>>
>> > will probably not be implemented. Now I am testing against an embedded
>> > ADS and need yto operate on a variety of LDAP servers, so I want to
>> > have it anyway. Is there a way to hack it in?
>> > I looked at the stackoverflow question about this
>> > <
>> https://stackoverflow.com/questions/11174835/add-memberof-attribute-to-apacheds>
>>
>> > but after loading the extra schema the warning "Requested attribute
>> > memberOf does not exist in the schema, it will be ignored". I don't
>> > care for the overhead for now but really need to test this
>> functionality.
>>
>> So the whole idea of having the memberOf attribute implemented is to be
>> able, to 'generate' it on the fly ie when searching for entries that are
>> member of a 'groupOfNames' entry. A good description is given on
>>
>> https://www.openldap.org/doc/admin24/overlays.html#Reverse%20Group%20Membership%20Maintenance
>>
>>
>> How to implement that in ApacheDS ? We would need to create a new
>> Interceptor that acts upon a search operation by doing a search on
>> entries containing the 'member' attribute with a DN associated to the
>> entries being returned by the search. If we find some, then we create
>> the 'memberOf' attribute and inject the group entry's DN into it.
>>
>> That is not really complex, except that if you want it to have good
>> performance, you need to add an index on the 'member' attribute.
>>
>> It's a couple of days work, tests included.
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org
>> For additional commands, e-mail: dev-help@directory.apache.org
>>
>>
--
Daan
Re: was and remains: loading ldif in embedded server
Posted by Pierre Smits <pi...@apache.org>.
At face value this looks like a value-adding feature.
@Daan: could you raise a ticket in our JIRA, and elaborate on the
requirements? E.g. reference this thread. A ticket will help in capturing
details, and enables (other) contributors to work on it.
Best regards,
Pierre Smits
*Apache Trafodion <https://trafodion.apache.org>, Vice President*
*Apache Directory <https://directory.apache.org>, PMC Member*
Apache Incubator <https://incubator.apache.org>, committer
*Apache OFBiz <https://ofbiz.apache.org>, contributor (without privileges)
since 2008*
Apache Steve <https://steve.apache.org>, committer
On Fri, Jun 14, 2019 at 11:29 AM Emmanuel Lécharny <el...@gmail.com>
wrote:
>
> On 14/06/2019 11:08, Daan Hoogland wrote:
> > H,
> > I got passed loading users
>
>
> Good !
>
>
> > and am facing the next point; the memberOf attribute. It is not
> > supposed to be in ADS yet, and as per the latest comment in
> > DIRSERVER-1844
> > <
> https://issues.apache.org/jira/browse/DIRSERVER-1844?focusedCommentId=16519598&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-16519598>
>
> > will probably not be implemented. Now I am testing against an embedded
> > ADS and need yto operate on a variety of LDAP servers, so I want to
> > have it anyway. Is there a way to hack it in?
> > I looked at the stackoverflow question about this
> > <
> https://stackoverflow.com/questions/11174835/add-memberof-attribute-to-apacheds>
>
> > but after loading the extra schema the warning "Requested attribute
> > memberOf does not exist in the schema, it will be ignored". I don't
> > care for the overhead for now but really need to test this functionality.
>
> So the whole idea of having the memberOf attribute implemented is to be
> able, to 'generate' it on the fly ie when searching for entries that are
> member of a 'groupOfNames' entry. A good description is given on
>
> https://www.openldap.org/doc/admin24/overlays.html#Reverse%20Group%20Membership%20Maintenance
>
>
> How to implement that in ApacheDS ? We would need to create a new
> Interceptor that acts upon a search operation by doing a search on
> entries containing the 'member' attribute with a DN associated to the
> entries being returned by the search. If we find some, then we create
> the 'memberOf' attribute and inject the group entry's DN into it.
>
> That is not really complex, except that if you want it to have good
> performance, you need to add an index on the 'member' attribute.
>
> It's a couple of days work, tests included.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org
> For additional commands, e-mail: dev-help@directory.apache.org
>
>
Re: was and remains: loading ldif in embedded server
Posted by Emmanuel Lécharny <el...@gmail.com>.
On 14/06/2019 11:08, Daan Hoogland wrote:
> H,
> I got passed loading users
Good !
> and am facing the next point; the memberOf attribute. It is not
> supposed to be in ADS yet, and as per the latest comment in
> DIRSERVER-1844
> <https://issues.apache.org/jira/browse/DIRSERVER-1844?focusedCommentId=16519598&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-16519598>
> will probably not be implemented. Now I am testing against an embedded
> ADS and need yto operate on a variety of LDAP servers, so I want to
> have it anyway. Is there a way to hack it in?
> I looked at the stackoverflow question about this
> <https://stackoverflow.com/questions/11174835/add-memberof-attribute-to-apacheds>
> but after loading the extra schema the warning "Requested attribute
> memberOf does not exist in the schema, it will be ignored". I don't
> care for the overhead for now but really need to test this functionality.
So the whole idea of having the memberOf attribute implemented is to be
able, to 'generate' it on the fly ie when searching for entries that are
member of a 'groupOfNames' entry. A good description is given on
https://www.openldap.org/doc/admin24/overlays.html#Reverse%20Group%20Membership%20Maintenance
How to implement that in ApacheDS ? We would need to create a new
Interceptor that acts upon a search operation by doing a search on
entries containing the 'member' attribute with a DN associated to the
entries being returned by the search. If we find some, then we create
the 'memberOf' attribute and inject the group entry's DN into it.
That is not really complex, except that if you want it to have good
performance, you need to add an index on the 'member' attribute.
It's a couple of days work, tests included.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org
For additional commands, e-mail: dev-help@directory.apache.org
was and remains: loading ldif in embedded server
Posted by Daan Hoogland <da...@gmail.com>.
H,
I got passed loading users and am facing the next point; the memberOf
attribute. It is not supposed to be in ADS yet, and as per the latest
comment in DIRSERVER-1844
<https://issues.apache.org/jira/browse/DIRSERVER-1844?focusedCommentId=16519598&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-16519598>
will probably not be implemented. Now I am testing against an embedded ADS
and need yto operate on a variety of LDAP servers, so I want to have it
anyway. Is there a way to hack it in?
I looked at the stackoverflow question about this
<https://stackoverflow.com/questions/11174835/add-memberof-attribute-to-apacheds>
but after loading the extra schema the warning "Requested attribute
memberOf does not exist in the schema, it will be ignored". I don't care
for the overhead for now but really need to test this functionality.
thanks again,
--
Daan