Internet-Draft                                                Ryan Moats
draft-ietf-lsd-client-finding-00.txt                                AT&T
Expires in six months                                       January 1998

                   LDAP Clients Finding LDAP Servers
             Filename: draft-ietf-lsd-client-finding-00.txt

Status of This Memo

   This document is an Internet-Draft.  Internet-Drafts are working
   documents of the Internet Engineering Task Force (IETF), its areas,
   and its working groups.  Note that other groups may also distribute
   working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time.  It is inappropriate to use Internet-Drafts as
   reference material or to cite them other than as ``work in
   progress.''

   To learn the current status of any Internet-Draft, please check the
   ``1id-abstracts.txt'' listing contained in the Internet-Drafts
   Shadow Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe),
   munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or
   ftp.isi.edu (US West Coast).

Abstract

   This document discusses methods available for LDAP clients to
   discover the existence and location of LDAP servers.  It is based on
   previous and ongoing IETF work.

1. Introduction

   The Lightweight Directory Access Protocol (LDAP) [1] can be used to
   build "islands" of servers that are not a priori tied into a single
   Directory Information Tree (DIT).  Here, it is necessary to
   determine how a client can discover LDAP servers.  This document
   discusses the available methods.

2. Client Discovery of LDAP Servers

   LDAP clients may have a list of preconfigured LDAP servers included
   with them that a user can select from.  Here, some of the servers in
   the preconfigured list might provide the functionality described in
   this document, to allow for simpler clients.

Expires 7/31/98                                                 [Page 1]

INTERNET DRAFT     LDAP Clients Finding LDAP Servers        January 1998

   If not configured with an LDAP server, a non-DHCP client should
   follow the sequence of steps specified in [1] (which uses DNS [2]
   and the Service Location Protocol [3]) with the target service being
   LDAP in order to find an LDAP server.  If a DNS record is found for a
   name that begins with ldap (i.e. ldap.tcp.foo.com or ldap.foo.com), a
   further DNS lookup for a TXT record under that name would return the
   root of that server's subtree.

   A DHCP-aware client may use the DHCP extension specified in [4] to
   locate LDAP servers as an alternative to the sequence specified in
   [1].

3. Security Considerations

   Since this draft only summarizes available methods, it adds no
   additional security considerations to those inherent in the
   referenced documents.  Implementors are strongly recommended to read
   and follow the security considerations provided in the referenced
   documents.

4. Acknowledgments

   Many thanks to the members of the LSD working group, for their
   contributions to previous drafts.

   The work described in this document is partially supported by the
   National Science Foundation, Cooperative Agreement NCR-9218179.

5. References

   Request For Comments (RFC) and Internet Drafts documents are
   available from and numerous mirror sites.

   [1]  R. Moats, M. Hamilton, P. Leach, "Finding Stuff (How to
        discover services)," Internet Draft (work in progress), June
        1997.

   [2]  P. V. Mockapetris, "Domain names - concepts and facilities,"
        RFC 1034, November 1987.

   [3]  J. Veizades, E. Guttman, C. Perkins, S. Kaplan, "Service
        Location Protocol," RFC 2165, June 1997.

   [4]  L. Hedstrom, L. Howard, "DHCP Options for Locating LDAP
        Servers," Internet Draft (work in progress), July 1997.

6. Author's address

   Ryan Moats
   AT&T
   15621 Drexel Circle
   Omaha, NE 68135-2358
   USA

   Phone:  +1 402 894-9456
   EMail:  jayhawk@att.com
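
The DNS step of section 2, as an added example that is not part of the draft: it tries the two names the draft gives for foo.com, then accepts the TXT value as a subtree root only if it parses as a simple DN, since DNS answers are unauthenticated input. The A record type, the `lookup` hook, the function names and the zone data are assumptions constructed for illustration; the Service Location Protocol and DHCP paths are not covered.

```python
import re

# Constructed sample answers standing in for a resolver (not real data).
SAMPLE_ZONE = {
    ("ldap.foo.com", "A"): ["192.0.2.10"],
    ("ldap.foo.com", "TXT"): ["dc=foo,dc=com"],
    ("ldap.bar.example", "A"): ["192.0.2.20"],
    ("ldap.bar.example", "TXT"): ["not a dn"],
}

# Conservative pattern for one type=value RDN; escaped or quoted values and
# multi-valued RDNs are rejected rather than parsed.
_RDN = re.compile(r"[A-Za-z][A-Za-z0-9-]*=[A-Za-z0-9 ._-]+")

def candidate_names(domain):
    """The two 'ldap' names the draft shows, built for any domain."""
    domain = domain.rstrip(".").lower()
    return ["ldap.tcp." + domain, "ldap." + domain]

def parse_subtree_root(txt):
    """Return the TXT value as a normalised DN, or None if malformed."""
    parts = [p.strip() for p in txt.split(",")]
    if not all(_RDN.fullmatch(p) for p in parts):
        return None
    return ",".join(parts)

def sample_lookup(name, rrtype):
    """Hypothetical resolver hook: returns a list of record strings."""
    return SAMPLE_ZONE.get((name, rrtype), [])

def find_ldap_server(domain, lookup=sample_lookup):
    """Return host, addresses and validated base DN, or None if not found."""
    for name in candidate_names(domain):
        addrs = lookup(name, "A")  # assumption: "a DNS record" = address record
        if not addrs:
            continue
        # Untrusted input: take the first TXT value that parses as a DN.
        roots = (parse_subtree_root(t) for t in lookup(name, "TXT"))
        base_dn = next((r for r in roots if r), None)
        return {"host": name, "addresses": addrs, "base_dn": base_dn}
    return None

if __name__ == "__main__":
    for d in ("foo.com", "bar.example", "nowhere.example"):
        print(d, "->", find_ldap_server(d))
```

A `base_dn` of None means a server was found but its TXT record did not yield a usable subtree root, so the client must obtain the search base another way rather than pass the raw value on.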