default referral can be set for the Directory Server and a separate

 

default referral for each database.

 

The default referral for each database is done through the suffix

 

configuration information. When the suffix of the database is disabled,

 

configure the directory service to return a default referral to client

 

requests made to that suffix.

 

For more information about suffixes, refer to “About suffixes”. For

 

information on configuring suffixes, refer to the HP-UX Directory

 

Server administrator guide.

Smart referrals

Smart referrals are stored on entries within the directory service itself.

 

Smart referrals point to Directory Servers that have knowledge of

 

the subtree whose DN matches the DN of the entry containing the

 

smart referral.

All referrals are returned in the format of an LDAP uniform resource locator, or LDAP URL. The following sections describe the structure of an LDAP referral, then describe the two referral types supported by Directory Server.

5.3.1.1 The structure of an LDAP referral

An LDAP referral contains information in the format of an LDAP URL. An LDAP URL contains the following information:

The host name of the server to contact.

The port number on the server that is configured to listen for LDAP requests.

The base DN (for search operations) or target DN (for add, delete, and modify operations).

For example, a client application searches dc=example,dc=com for entries with a surname value of Jensen. A referral returns the following LDAP URL to the client application:

ldap://europe.example.com:389/ou=people, l=europe,dc=example,dc=com

This referral instructs the client application to contact the host europe.example.com on port 389 and submit a search using the root suffix ou=people, l=europe,dc=example,dc=com.

The LDAP client application determines how a referral is handled. Some client applications automatically retry the operation on the server to which they have been referred. Other client applications return the referral information to the user. Most LDAP client applications provided by HP-UX Directory Server (such as the command-line utilities) automatically follow the referral. The same bind credentials supplied on the initial directory request are used to access the server.

Most client applications follow a limited number of referrals, or hops. The limit on the number of referrals that are followed reduces the time a client application spends trying to complete a directory lookup request and helps eliminate hung processes caused by circular referral patterns.

5.3.1.2 About default referrals

Default referrals are returned to clients when the server or database that was contacted does not contain the requested data.

Directory Server determines whether a default referral should be returned by comparing the DN of the requested directory object against the directory suffixes supported by the local server. If the DN does not match the supported suffixes, the Directory Server returns a default referral.

For example, a directory client requests the following directory entry: uid=bjensen,

ou=people,dc=example,dc=com

However, the server only manages entries stored under the dc=europe,dc=example,dc=com suffix. The directory returns a referral to the client that indicates which server to contact for entries stored under the dc=example,dc=com suffix. The client then contacts the appropriate server and resubmits the original request.

5.3 About knowledge references 63