In Active Directory, each AD object has an objectGUID attribute which uniquely identifies the AD object even after it is renamed or moved, see link http://msdn.microsoft.com/en-us/library/ms677615%28v=vs.85%29.aspx. Do we have such a concept in other LDAP directory services such as (Novell Directory Service)? I did some searching on the internet and could not find any confirmation of this. I did see this RFC: https://www.rfc-editor.org/rfc/rfc4530, Lightweight Directory Access Protocol (LDAP) entryUUID Operational Attribute, however I am not sure how widely it is implemented.
The attribute 'GUID' is present in Novell Directory beginning in NetWare 5.x (see this documentation). So you can find it in Novell Directory Service. 'entryUUID' is present in SUN (Oracle) ePlanet, OpenLDAP and OpenDS.
In my understanding such an attribute is present as an operational attribute in each Directory server whatever the editor is. This attribute is used in replication processes to synchronize objects between servers. The problem I met is that in some cases (Active Directory) its internal syntax is 'binary', in other cases (OpenLDAP) its internal syntax is 'Directory String'.
Be careful of the fact that this is an OPERATIONAL attribute, which means that it CAN'T be modified using LDAP. People coming from OpenLDAP usually use 'slapxxx' operations to fill the database; these are not LDAP operations, and this kind of usage is not allowed in all Directory servers.
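The syntax difference described above (binary objectGUID in Active Directory, string entryUUID in OpenLDAP) can be handled in code as follows. This is an added example, not part of the original answer; the function names and sample values are constructed for illustration.

```python
import uuid

# Added example: function names and sample values are constructed for illustration.

def normalize_entry_id(attr_name, raw_value):
    """Return the canonical lowercase UUID string for a directory entry identifier."""
    name = attr_name.lower()
    if name == "objectguid":
        # Active Directory: 16-byte octet string whose first three fields
        # are stored little-endian, so bytes_le is the correct decoder.
        if not isinstance(raw_value, (bytes, bytearray)) or len(raw_value) != 16:
            raise ValueError("objectGUID must be exactly 16 bytes")
        return str(uuid.UUID(bytes_le=bytes(raw_value)))
    if name == "entryuuid":
        # RFC 4530: the value is the 36-character string form of the UUID.
        # LDAP client libraries commonly return it as bytes.
        if isinstance(raw_value, (bytes, bytearray)):
            raw_value = bytes(raw_value).decode("ascii")
        if len(raw_value) != 36:
            raise ValueError("entryUUID must be the 36-character string form")
        return str(uuid.UUID(raw_value))
    raise ValueError("unsupported identifier attribute: %s" % attr_name)


def objectguid_filter(canonical):
    """Build an LDAP filter for objectGUID, escaping each byte as \\xx (RFC 4515)."""
    raw = uuid.UUID(canonical).bytes_le
    return "(objectGUID=%s)" % "".join("\\%02x" % b for b in raw)


def entryuuid_filter(canonical):
    """Build an LDAP filter for entryUUID, which is matched as a UUID string."""
    return "(entryUUID=%s)" % uuid.UUID(canonical)


if __name__ == "__main__":
    ad_value = bytes.fromhex("33221100554477668899aabbccddeeff")  # constructed
    ol_value = b"00112233-4455-6677-8899-AABBCCDDEEFF"            # constructed
    for attr, value in (("objectGUID", ad_value), ("entryUUID", ol_value)):
        print(attr, "->", normalize_entry_id(attr, value))
    print(objectguid_filter("00112233-4455-6677-8899-aabbccddeeff"))
    print(entryuuid_filter("00112233-4455-6677-8899-aabbccddeeff"))
```

Storing the normalized string as the correlation key keeps an entry traceable across renames and moves regardless of which server type it came from.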
entryUUID is implemented by all directory servers that purport to support the LDAP standards framework. The words SHALL and MUST in the RFC (4530) are clear indicators that the attribute must be supported.
entryUUID is supported in both ApacheDS and OpenLDAP (and yes, it is the equivalent of GUID).