![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to q-dish.tex CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSDReno / contrib / isode-beta / doc / manual|
Return to q-dish.tex CVS log | Up to [CSRG BSD Unix] / 43BSDReno / contrib / isode-beta / doc / manual |
1.1 root 1: % run this through LaTeX with the appropriate wrapper
2:
3:
\chapter{The OSI Directory}
4: \label{dir_model}
5:
6: This Chapter is designed as a quick introduction to the model of X.500
7: directories, to provide the reader with sufficient information to be able to
8: understand the following Chapters.
9:
10: \section {The Model}
11: The OSI Directory is intended to support human user querying, allowing
12: users to find, {\em inter alia}, telephone and address information of
13: organisations and other users.
14:
15: It is also intended to support electronic
16: communication such as message handling systems and file transfer.
17: The Directory provides name to address mapping to support, for example, OSI
18: presentation address look-ups. Message handling systems will be provided with
19: support for user-friendly naming, security and
20: distribution lists.
21:
22: \tagfigure[tp]{q-dit}{Example DIT}{qfig:dit}
23:
24: In essence the Directory is a database with certain key characteristics.
25: \begin{itemize}
26: \item
27: The Directory is intended to be very large and highly distributed. It is
28: anticipated that the Directory will be distributed largely on an
29: organisational basis.
30: \item
31: The Directory is hierarchically structured, the entries being arranged in
32: the form of a tree called the Directory Information Tree (DIT).
33: An example DIT is shown in Figure~\ref{qfig:dit}.
34: Entries near the root of the tree will usually represent
35: objects such as countries (e.g., `GB') and organisations (e.g., `University
36: College London'), entries at or near the leaves
37: of the tree will represent people (e.g., `Colin Robbins'),
38: equipment or application processes.
39:
40: \item
41: Read and search operations will dominate over modification operations.
42: \item
43: Temporary inconsistencies in the data are acceptable. This greatly
44: facilitates the replication of data in the Directory by obviating concerns
45: about record locking and atomic operations.
46: \end{itemize}
47:
48:
49: \section{Information Representation}
50: There are various structures needed to represent the data required in the
51: directory database. These are described
52: briefly below.
53:
54: \subsection {Object Identifiers}
55: An important part of the OSI world is the Object Identifier (OID).
56:
57: An OID is a hierarchy of numbers used to uniquely describe various objects
58: within the OSI world: for example, ``1.0.8571.1.1'' describes the FTAM
59: protocol; ``0.9.2342.19200300.99.1''
60: defines a QUIPU Attribute Type.
61: The strings of numbers look ``horrible'' and can be difficult to remember.
62: As such, QUIPU provides a mapping from OIDs to ``strings'', so that
63: easy to remember strings can be used in place of the numeric OIDs, for
64: example ``iso ftam'' or ``quipuAttributeType''.
65:
66: The mapping are defined in a set of oidtables which are discussed
67: in Section~\ref{oidtables}.
68:
69: \subsection {Attributes}
70:
71: \tagfigure[tp]{q-entry}{Structure of an Entry}{qfig:entry}
72:
73: The directory holds information about various entities, such as a person or
74: an organisation. The information is held in an information object,
75: typically referred to as an {\em entry}.
76: An entry consists of a set of one of more attributes
77: (see Figure~\ref{qfig:entry}).
78:
79: An attribute is represented by an attribute type, and set of attribute values.
80: An attribute with a single value is represented as follows:-
81: \begin{quote}
82: $<$Attribute Type$>$ ``='' $<$Attribute Value$>$
83: \end{quote}
84: The attribute type can either be a string (which must be in the attribute
85: oidtable --- see Section~\ref{oidtables}) or the OID in a dotted decimal
86: format.
87:
88: Each attribute value is represented by a string, the format of the attribute value
89: depends upon the
90: syntax defined in the oidtables, but in general will be a string.
91:
92: So
93: \begin{quote}\begin{verbatim}
94: roomNumber = G24
95: 2.5.4.20 = 453-5674
96: commonName = Colin Robbins & Colin John Robbins
97: photo = {ASN} 0308207b4001488001fd...
98: \end{verbatim}\end{quote}
99: is an example of an entry, with 4 attributes. The ``commonName'' attribute
100: is multi-valued,
101: with the two values separated by the ``\&'' symbol.
102: Notice how the ``photo'' attribute does not have a specific string format,
103: so a hexadecimal ``ASN.1'' representation is used.
104: ``2.5.4.20'' is an Object Identifier represented in numeric form.
105:
106:
107: \subsection {Names}
108: \label{quipu_name}
109: Within an entry, some attributes (generally one) have special importance,
110: and are called {\em distinguished attributes}. The collection of these
111: attributes form the {\em Relative Distinguished Name}
112: (RDN).\index{RDN}
113:
114: An RDN is usually represented by a single valued attribute, thus
115: \begin{quote} \begin{verbatim}
116: commonName = "Alan Turland"
117: organization = "University College London"
118: \end{verbatim}\end{quote}
119: are valid RDNs.
120:
121: An RDN made up of multiple distinguished attributes uses the \verb+%+ symbol
122: to separate the values, for
123: example
124: \begin{quote} \begin{verbatim}
125: userid = quipu % commonName = "Colin Robbins"
126: \end{verbatim}\end{quote}
127:
128: A {\em Distinguished Name} (DN) is the sequence of RDNs that uniquely define
129: a node in the Directory Information Tree (DIT).
130: These are represented as follows:-
131: \begin{quote}
132: RDN [ ``@'' RDN \ldots]
133: \end{quote}
134: So
135: \begin{quote}\small\begin{verbatim}
136: countryName = GB @ organization = University College London
137: \end{verbatim}\end{quote}
138: is an example of a valid DN.
139:
140: In some cases an RDN or DN is specified relative to a node other than the
141: root in the DIT.
142: To be unambiguous a DN may be rooted using a leading ``@'', for example
143: \begin{quote}\small\begin{verbatim}
144: @ countryName = GB @ organization = University College London
145: \end{verbatim}\end{quote}
146:
147:
148: \section{Directory User Agent}
149: The Directory User Agent (DUA) is the entity you as a user will connect to,
150: it will help you formulate your queries, and then pass them to the
151: Directory, and show you the results.
152:
153: The X.500 standard defines only the protocol the DUA should use when taking
154: to the Directory, and as such DUAs come in many varieties, but the basic
155: concepts are the same.
156:
157: A DUA talks to the directory using the Directory Access Protocol
158: (DAP)\index{DAP}.
159:
160: The following Chapters of this Part of the Manual describe five such
161: interfaces:
162: \begin{describe}
163: \item [dish:] The DIrectory SHell\\
164: This interface give a user full access to the DAP, and
165: as such may be complex for novice users.
166: \item [sid:] Steve's Interface to Dish\\
167: A set of scripts that make Dish usable for novice users.
168: \item [fred:] FRont End to Dish\\
169: Fred provides a White Pages User Interface, which hides most
170: of the complexity of the OSI directory.
171: \item [widget:] A curses based windowing interface,
172: \item [sunint:] A suntools based windowing interface.
173: \end{describe}
174:
175: We should point out here that
176: Widget and Sunint are not considered fully developed interfaces,
177: but are included to give would be DUA developers examples of how
178: the procedural interface discussed in Section~\ref{proc_model} can be used.
179:
180:
181: \section{Directory System Agent}
182:
183: \tagfigure[tp]{q-dsa}{DUA/DSA Interaction}{qfig:dsa}
184:
185: The Directory System Agent (DSA) is the entity that generates the results to
186: requests from a DUA.
187: It may handle the request itself, ask another DSA (using the Directory System
188: Protocol\index{DSP}), or advise the DUA to
189: contact another DSA (see Figure~\ref{qfig:dsa}).
190: This part of the directory is discussed more in Parts III and V of this
191: manual. Here we shall concentrate on the DUA.
192:
193:
194:
\chapter{DISH}
195: \label{dish}
196:
197: This Chapter describes DISH, a DIrectory SHell interface to the Directory.
198: It provides an interface to the Directory in an similar manner
199: to the way that \MH/ provides an interface to a message handling systems.
200: As with \MH/, dish can either be invoked as a single process with the full
201: repertoire of commands built in, or it can be invoked by individual shell
202: commands.
203: This latter style allows dish to be used with others tools to provide very
204: flexible access to the directory.
205:
206: Dish provides a very powerful interface onto the Directory and gives a user
207: access to the full Directory Access Protocol(DAP).
208: The price of such comprehensiveness is complexity.
209: Dish has a large number of flags, and both the syntax and volume of typing
210: required can seem forbidding to the novice user.
211: One compromise solution is to use dish to build interfaces which are easier
212: to use and more intuitive, for example SID (see Chapter~\ref{DUA:sid}).
213:
214: To run DISH in interactive mode invoke \man dish(1c), then issue any of the
215: commands described in Sections~\ref{dish_start} through \ref{sequences}.
216: This mode of operation is especially useful for novice users.
217: The process of connecting to the Directory -- binding --
218: takes place automatically when the program is invoked, and an unbind
219: is issued when you quit.
220:
221: The arguments to \man dish(1c) are the same as for bind (see
222: Section~\ref{dish_bind}), with the addition of a `-pipe' flag
223: which is used to start dish in ``shell'' mode (see Section~\ref{dish_shell})
224: (NOTE: ``dish -pipe \&'' has the same effect as the shell command ``bind'').
225:
226: \section {Commands}
227:
228: Each of the DISH commands described below has a large number of valid flags,
229: the full names of the flags are given below, however the shortest unique
230: name is sufficient to select the flag.
231: Similarly, when dish is used interactively the shortest unique name is taken
232: for the command name (e.g. ``l'' for ``list'').
233: There is an exception in that ``sh'' is interpreted as ``showentry'',
234: ``shown'' must be typed for ``showname''.
235:
236: The additional flag \tt -help \rm \ can be specified with
237: every command to get limited runtime help.
238:
239: \subsection{Moveto}
240: \label{dish_start}
241: With nearly every command it is possible to supply the distinguished name of
242: the object you want to reference.
243: In the syntax this is represented by
244: \begin{verbatim}
245: <object>.
246: \end{verbatim}
247: An initial `\tt @\rm ' in an object description specifies that the name
248: is relative to the root of the Directory Information Tree (DIT),
249: otherwise the name is relative to the current
250: position in the DIT.
251: The special name component `..' is used to mean `one
252: position up' from the current position.
253: Some examples of valid names and their interpretation relative to
254: how a distinguished name is built up are shown below by the following
255: sequence of names:
256:
257: \begin{description}
258:
259: \item [\verb+"@c=GB@o=University College London@ou=Computer Science"+:]
260: The specified object is \\
261: ``c= GB @ o= University College London @ ou= Computer Science''.
262:
263: \item [\verb+"cn=Colin Robbins"+:]
264: describes the object
265: cn=Colin Robbins relative to the current
266: position (``c= GB @ o= University College London @ ou= Computer Science @ cn= Colin Robbins'').
267: Spaces in a name will be seen as the start of a separate
268: argument by the shell, so the name must be quoted.
269:
270: \item [\verb+"..@cn=Steve Titcombe"+:]
271: describes the entry
272: cn=Steve Titcombe at the same level
273: in the DIT as the current position (``c= GB @ o= University College London @
274: ou= Computer Science @ cn= Steve Titcombe'').
275:
276: \end{description}
277:
278: Objects can also be expressed in the form of sequence numbers and nicknames.
279: See sections \ref{sequences} and \ref{quipurc}.
280:
281: When you specify an object, the current position in the DIT is not changed.
282: To change the current position you should use
283: \begin{verbatim}
284: moveto [-[no]pwd] [-[no]check]
285: [-sequence <name>] [-nosequence] <position>
286: \end{verbatim}
287:
288: The \tt -pwd \rm \ flag tells moveto to print the current position in the
289: DIT.
290: The current position can also be changed with the \tt -move\rm \ flag to
291: showentry and list (see Sections~\ref{dua:list} and ~\ref{dua:show}).
292:
293: The \tt -nocheck \rm \ flag tells moveto NOT to check the entry exists,
294: normally, moveto will invoke a `\verb"read"' to check the named entry exists.
295:
296:
297: \subsection{Showentry}
298: \label{dua:show}
299:
300: \begin{verbatim}
301: showentry [<object>] [-[no]cache] [-[no]name]
302: [-[no]move] [<any of the read arguments>]
303: \end{verbatim}
304:
305: Showentry will show the distinguished
306: name of the current entry (unless \tt -noname\rm \ is specified),
307: followed by each attribute
308: specified in the read arguments.
309: If the `\tt -all\rm ' is given all attributes will be shown.
310: If insufficient information resides in the local cache, a `\tt read\rm ' will
311: be performed.
312:
313: \tt -cache\rm \ is used the tell showentry to use cached information only ---
314: do not issue a read operation.
315: This is used to see what the DUA has cached, and then get information when
316: the local DSA is unavailable.
317:
318: \tt -nocache\rm \ is used to enforce a directory read, this is used to update the cache
319: directly.
320:
321: \tt -move\rm \ is used to tell dish to change the current position in the DIT
322: to the object specified.
323:
324: \subsubsection{read flags}
325:
326: These flags are used by showentry(1), showname(1), search(1) and modify(1).
327:
328: \begin{quote}\begin{verbatim}
329: [-[no]types <attribute-type> *] [-[no]all]
330: [-[no]value] [-[no]show]
331: [-[no]key] [-edb]
332: [-proc <syntax> <process>]
333: [-sequence <name>] [-nosequence]
334: \end{verbatim}\end{quote}
335:
336: The \tt all\rm \ flag request that all attribute are read (default).
337:
338: The \tt value\rm \ flag reads the attribute value, which is the default,
339: the inverse is to read the attribute types only.
340:
341: The \tt novalue\rm \ flag says print the attribute types only.
342:
343: The \tt show\rm \ flag displays the information read.
344:
345: The \tt key\rm \ flag determines whether the key (attribute type) will
346: be shown along with the attribute value.
347:
348: The \tt edb\rm \ flag requests that the data is displayed in ``EDB'' format,
349: that is, a format which can be used in QUIPU data files.
350:
351: The \tt type\rm \ flag requests that only the supplied attributes are
352: read from the DSA, the inverse of this \tt -notype \rm \ does not
353: prevent the attributes being read (as there is no
354: easy mechanism to perform this within X.500),
355: but it does stop them being shown.
356:
357: The \tt proc\rm \ flag is used to instruct the display routines to uses an
358: external process to display the attribute.
359: For example if you have a process that displays presentation elements
360: representing ``OID's'' in a particular
361: way, then you can use
362: \begin{quote}\begin{verbatim}
363: showentry -proc OID /usr/bin/oid_display_process
364: \end{verbatim}\end{quote}
365: then all OIDs will be displayed using ``/usr/bin/oid\_display\_process''.
366:
367: The \tt sequence\rm \ flag is used to control sequences, sequences
368: are described in Section~\ref{sequences}.
369:
370: \subsection{List}
371: \label{dua:list}
372: \begin{verbatim}
373: list [<object>] [-nocache] [-noshow] [-[no]move]
374: \end{verbatim}
375: This function displays all the children below your current position.
376:
377: \tt -nocache\rm \ tells list to re-read the directory - do not use cached information.
378:
379: \tt -noshow\rm \ tells list not to display the names found, but
380: still construct sequences (see section \ref{sequences}).
381:
382: \tt -move\rm \ is used to tell dish to change the current position in the DIT
383: to the object specified.
384:
385: \subsection{Search}
386: \label{search}
387:
388: \begin{verbatim}
389: search [[-object] <object>]
390: [-baseobject] [-singlelevel] [-subtree]
391: [[-filter] <filter>]
392: [-[no]relative] [-[no]searchaliases]
393: [-[no]partial] [-hitone]
394: [<any of the read arguments>]
395: \end{verbatim}
396:
397: Search the DIT starting at the object specified, for entries that match a
398: filter.
399: When an entry is found to match the filter, its distinguished name is printed
400: unless a `\tt-show\rm ' option is
401: specified, when the entry is displayed.
402:
403: If no filter is specified the default filter (which matches any object in
404: the DIT) is used.
405:
406: If no flags are given, then the sole allowed parameter is taken to be the
407: filter (NOT the base object as in ALL the other commands).
408: The flags \tt -filter\rm \ and \tt -object \rm \ are supplied to allow the
409: user to specify if both a filter and base object (NOTE only one need be
410: flagged).
411: For example, the following are all valid search commands
412: \begin{quote}\begin{verbatim}
413: search
414: search <filter>
415: search -filter <filter>
416: search -object <object>
417: search -filter <filter> -object <object>
418: search <filter> -object <object>
419: search -filter <filter> <object>
420: \end{verbatim}\end{quote}
421: Whereas
422: \begin{quote}\begin{verbatim}
423: search <object> (interpreted as a filter !)
424: search <filter> <object>
425: \end{verbatim}\end{quote}
426: are not valid.
427:
428: The flag `\tt -singlelevel\rm ' will search all the children
429: from the current position.
430: The flag `\tt -subtree\rm ' searches all the
431: levels below the current position recursively.
432: The default is
433: `\tt -singlelevel\rm '.
434:
435: For example:-
436: \begin{verbatim}
437: search -object
438: "@c=GB@o=University College London@ou=Computer Science"
439: -subtree -filter "cn=colin robbins" -type telephonenumber -show
440: \end{verbatim}
441: will search the subtree below `c=GB @ o=University College London @ ou=Computer Science' for
442: an exact match of ``colin robbins'', and call showentry to
443: display the {\em telephonenumber} attribute.
444:
445: The \tt -norelative\rm \ flag is used to tell \verb"showname" to print the full
446: distinguished name of the results, otherwise the name relative to the current
447: position is printed.
448:
449: The \tt -[no]searchaliases\rm \ flag direct the search as to whether aliases
450: encountered in the search should be dereferenced and searched.
451:
452: The \tt -hitone\rm \ flag is used to tell Dish to consider it an error if
453: the search returns more than one entry. This is particularly useful when
454: using Dish from shell scripts (see Section~\ref{dish_shell}).
455:
456: From time to time, search will not be able to do the entire search, and will
457: return partial results, the \tt -nopartial\rm \ directs dish not to print
458: the partial result information. To see the full set of partial results, both
459: \tt -partial\rm \ and \tt -show\rm \ are needed, otherwise a summary is
460: printed.
461:
462: \subsubsection{More on Matching}
463:
464: As well as an exact equality match, the
465: following types of match can be specified
466: \begin{quote}\begin{verbatim}
467: ~= Approximately equals.
468: >= Greater than or equal.
469: <= Less than or equal.
470: \end{verbatim}\end{quote}
471:
472: When searching for an exact match (`=')
473: the `\tt *\rm ' character is used as a wildcard, and a substring
474: match takes place (unless only a `\tt *\rm ' is specified, when a {\em
475: presence} match is used - hence any entry
476: containing that attribute will be matched).
477:
478: Filter items can be linked with {\em and} `\tt \&\rm ', or {\em or}
479: `\tt $|$\rm '. Brackets `\tt( )\rm '
480: should be used to enforce the boolean
481: ordering of the expressions, otherwise the evaluation is left to right.
482: A {\em not} `\tt !\rm ' can be used to specify the boolean not operator.
483:
484: If a filter does not have a type specified e.g., ``-filter steve'',
485: then an approximate match for the specified common name is assumed
486: (in this case ``-filter cn$\tilde{\ }$=steve'' is assumed).
487:
488: A more complex example of a filter
489: that searches for anybody whose is a member of staff
490: or a student, who has a ``drink'' attribute,
491: whose name approximately matches ``steve'', but whose surname is
492: not ``Kille'':-
493: \begin{verbatim}
494: cn~=steve & (userClass = staff | userClass = student) &
495: (! surname = Kille) & drink = *
496: \end{verbatim}
497:
498: A list of all the attributes is given in
499: Chapter~\ref{syntaxes}, together with a description of the type matching of
500: matching allowed.
501:
502: \subsection {Add Entry}
503: \label{dish:add}
504:
505: \begin{verbatim}
506: add [<object>] [-draft <draft> [-noedit]] [-newdraft]
507: [-template <draft>] [-objectclass <objectclass>]
508: \end{verbatim}
509:
510: Add is used to add entries to the DIT.
511: This invokes editentry
512: on the draft entry.
513: If there is not a draft entry specified a draft entry of the specified
514: objectclass (default --- thornperson \& quipuObject) is created.
515: The default draft file is ``.dishdraft'' in your home directory, this can be
516: altered with the -draft option.
517:
518: When editing has finished the entry is added to the DIT
519: (the \tt -noedit\rm \ flag following a \tt -draft\rm \ stops the editor
520: being invoked).
521:
522: \tt -newdraft\rm \ causes the current draft to be overwritten with a new
523: template of the appropriate objectclass.
524:
525: \tt -template\rm \ is used to specify a template that should be used during
526: editing.
527:
528: On successful completion of the add, the draft entry is renamed with a suffix of
529: ``.old''.
530:
531: \subsection{Editentry}
532:
533: \begin{verbatim}
534: editentry <draft>
535: \end{verbatim}
536:
537: editentry invokes an editor (as defined by the users
538: \$EDITOR environment variable) on the current draft entry.
539: In a future release it is hoped to have an editor that knows about the syntax
540: of an entry, and thus ensures that the entry you have supplied is syntactically
541: correct.
542:
543: \subsection {Delete Entry}
544: \begin{verbatim}
545: delete [<object>]
546: \end{verbatim}
547: The specified entry is removed from the DIT.
548:
549: \subsection {Modify Entry}
550: \label{dish:modify}
551: \begin{verbatim}
552: modify [<object>] [-draft <draft> [-noedit]] [-newdraft]
553: [<any of the showentry arguments>]
554: \end{verbatim}
555: Modify is used to modify existing entries in the DIT. Initially showentry
556: is used to get the current DIT entry, and place a copy of if in your
557: .dishdraft file. If the -draft option is specified the given file is used.
558: After editing, any changes to the entry are sent to the directory
559: (the \tt -noedit\rm \ flag following a \tt -draft\rm \ stops the editor
560: being invoked).
561:
562: The draft file is handled in the same way as with add, except, when a
563: new draft is created, the current values of the attributes are read from the
564: directory.
565:
566: \subsection {ModifyRDN}
567: \begin{verbatim}
568: modifyrdn [<object>] -name <newrdn> [-[no]delete]
569: \end{verbatim}
570: This is used to modify the RDN of an entry.
571:
572: The \tt -nodelete\rm \ flag is used to prevent the old RDN being removed as
573: an attribute of the entry.
574:
575:
576: \subsection{Showname}
577: \label{showname}
578:
579: \begin{verbatim}
580: showname [<object>] [-compact] [-[no]cache]
581: [<any of the read arguments>]
582: \end{verbatim}
583:
584: A name can be printed either in compact form, just showing the distinguished
585: name, or by showing the distinguished attributes.
586:
587: \subsection{Compare}
588: \label{dua:compare}
589: \begin{verbatim}
590: compare [<object>] -attribute <attribute> [-[no]print]
591: \end{verbatim}
592: For example
593: \begin{quote}\begin{verbatim}
594: compare userclass=student
595: \end{verbatim}\end{quote}
596: This command has a return value of true or false (1 or 0).
597:
598: If `\tt -print\rm ' is specified the strings ``TRUE'' or ``FALSE'' are printed.
599:
600: \subsection {Squid}
601:
602: \begin{verbatim}
603: squid [-sequence [<sequence name>]]
604: [-alias <alias>] [-version]
605: \end{verbatim}
606:
607: The command \pgm {squid} (Status QUIpu Dish) with no
608: parameters will inform you of the current status
609: of you dish process for example:
610: \begin{quote}\begin{verbatim}
611: Connected to Armadillo at Internet=128.40.16.220+2005
612: Current position: @c=GB@o=Nottingham University
613: User name: @c=GB@o=University College London@
614: ou=Computer Science@cn=Colin Robbins
615: Current sequence 'default'
616: \end{verbatim}\end{quote}
617:
618: \tt -sequence\rm \ makes squid print the specified sequence.
619: Sequences are described in Section~\ref{sequences}.
620:
621: \tt -alias\rm \ adds the given DN to the current sequence.
622:
623: \tt -version\rm \ print the version number of the dish process and
624: associated libraries.
625:
626: \subsection {Bind}
627: \label{dish_bind}
628:
629: \begin{verbatim}
630: bind [-noconnect] [[-user] [<username>]]
631: [-password [<password>]] [-[no]refer] [-call <dsaname>]
632: [-simple] [-protected] [-strong] [-noauthentication]
633: \end{verbatim}
634:
635: This is used to (re)connect to the directory. This is not normally
636: required, as each command will bind as necessary, but allows advanced users
637: to contact specified DSA's.
638:
639: \tt -noconnect\rm \ is used to start dish (and cache) without connection to a
640: directory.
641:
642: For an explanation of the `\tt -cache\rm ' flag see Section~\ref{dua_cache}
643:
644: \tt -norefer\rm \ is used to tell Dish whether to automatically follow
645: referrals issued by the DSA.
646:
647: To connect to the directory you need to be authenticated.
648: The are four flags to control the level of authentication required.
649: \tt -noauthentication\rm \ will gain you ``public'' rights to the directory,
650: thus you typically won't be able to modify data.
651: \tt -simple\rm \ and \tt -protected \rm \ present a textual password to the
652: directory which it the uses to authenticate you.
653: Using \tt -simple\rm \ the password is sent across the network ``in the
654: clear'', whereas \tt -protected \rm \ encrypts it, thus you are advised to
655: used \tt -protected \rm \ if your directory supports it.
656:
657: The \tt -strong \rm \ flag tells Dish to send strong authentication
658: credentials to the directory. This is not fully implemented in this version
659: of QUIPU.
660:
661: To connect to the DSA using ``simple'' or ``protected'' authentication,
662: you must supply a
663: distinguished name (\tt -user\rm ) and password (\tt -password\rm ).
664: This however reveals you password to anybody who is looking at your
665: terminal, but is useful for issuing bind operations from
666: a shell script. To prevent this you need to place the
667: password in your \unix/ protected ``.quipurc'' (see Section~\ref{quipurc}).
668: Alternatively, if you do not supply a password, you will be prompted for one.
669:
670:
671: \subsection {Unbind}
672:
673: \begin{verbatim}
674: unbind [-noquit]
675: \end{verbatim}
676:
677: This is used to break the connection to a DSA.
678: If -noquit is specified, the dish process does not die (This is used to
679: maintain the cache).
680:
681: To be ``friendly''
682: to other users, you should unbind
683: when you have finished using the directory --- put an \tt unbind\rm \ in
684: you ``.logout'' file if you use \verb"dish" from the shell.
685:
686: \section {Sequences}
687: \label{sequences}
688:
689: Results returned by {\em search} and {\em list} may be long, and for
690: this reason have a reference number printed beside them.
691: The reference number can be used as the ``object'' in any of the calls to the
692: directory. Thus
693: \begin{quote}\begin{verbatim}
694: showentry 6
695: \end{verbatim}\end{quote}
696: shows the entry labelled with the sequence number
697: ``6'' by a previous {\em search} or {\em list}.
698:
699: When you come into dish
700: by default, the resultant numbers of list and search operations
701: are added to a sequence called ``default''.
702:
703: To get a different sequence (hence renumber from 1 again), you can change
704: this to ``mysequence'' with a
705: \begin{quote}\begin{verbatim}
706: -sequence mysequence
707: \end{verbatim}\end{quote}
708: flag.
709:
710: To completely remove the concept of sequences (so no numbers are printed by list
711: or search) use ``\tt -nosequence\rm ''.
712:
713: The special keyword ``\tt reset\rm '' is used to reset the current sequence,
714: thus causing future operations to be renumbered from 1.
715: This is different to setting a new sequence, as the old sequence values are
716: removed.
717:
718: Occasionally you will want to search an entry defined in one sequence,
719: putting the results in another, for this purpose the special token
720: ``result'' is recognised, thus
721: \begin{quote}\begin{verbatim}
722: search 4 -sequence xxx -sequence result yyy
723: \end{verbatim}\end{quote}
724: will search entry 4 as defined by sequence ``xxx'', but place the results in
725: sequence ``yyy''.
726:
727: \section {Service Controls}
728: \label{dish_serv}
729:
730: All the commands described in Sections~\ref{dua:show}
731: through \ref{dua:compare}
732: have additional flags to control the type of service provided. The
733: advice to a novice user is let these flags take their default values.
734:
735: The flags recognised are listed below:-
736:
737: \begin{description}
738:
739: \item [-(no)preferchain] Advise the DSA (not) to chain the operation if
740: required.
741:
742: \item [-(no)chaining] (Prohibit) Allow the use of chaining.
743:
744: \item [-(dont)usecopy] (Prohibit) Allow the use of a cached or slave
745: copy of the data.
746: Note this refers to data cached in the DSA, there are separate flags
747: (already described)
748: for data cached in the DUA.
749:
750: \item [-(dont)dereferencealias] (Do not) dereference aliases if found in
751: the path of a query.
752:
753: \item [-low] Flag the query as low priority.
754: \item [-medium] Flag the query as medium (default) priority.
755: \item [-high] Flag the query as high priority.
756:
757: \item [-timelimit $n$] Set the time limit to $n$ seconds.
758: \item [-notimelimit] Do not specify a time limit.
759:
760: \item [-sizelimit $n$] Set the size limit to $n$ entries.
761: \item [-nosizelimit] Do not specify a size limit.
762:
763: \item [-(no)localscope] (Do not) limit operation to local scope.
764:
765: \item [-(no)refer] (Do not) automatically follow referrals issued by the DSA.
766:
767: \item [-strong] Ask the DSA to use strong authentication when sending the
768: results.
769:
770: \end{description}
771:
772:
773:
774:
\section {Tailoring}
775:
776: There are two levels of tailoring that control the operation of the DISH DUA.
777: First of all there is the system wide tailor file \file{dsaptailor}
778: (found in the ISODE \verb"ETCDIR" directory, usually \file{/usr/etc/}), and
779: then users private tailor file \file{.quipurc}.
780:
781: The file \file{dsaptailor} is described in Section~\ref{dua:tailor}.
782:
783: \subsection {.quipurc}
784: \label{quipurc}\index{.quipurc}
785: The file \file{.quipurc} is read by \verb"dish" on start up, and
786: has the following format:-
787:
788: \begin{verbatim}
789: flag: value
790: \end{verbatim}
791:
792: The following flags are currently recognised:-
793: \begin{description}
794:
795: \item [username] The name of the user to bind as.
796:
797: \item [password] The password to use when binding. For this reason care
798: should be taken to ensure you .quipurc file is not publicly readable.
799:
800: \item [cache\_time] How long to keep the dish process alive after unbinding
801: (specified in minutes)
802:
803: \item [connect\_time] How long to keep a connection open, it there is no
804: activity (specified in minutes)
805:
806: \item [service] A list of default service control flags
807: (as defined in Section~\ref{dish_serv}).
808:
809: \item [sequence] Add the supplied DN parameter to the default sequence.
810:
811: \item [dsap] This can be followed by one of the dsaptailor options
812: described in the Section~\ref{dua:tailor}.\index{dsaptailor}
813:
814: \item [isode]
815: This can be followed by one of the ISODE tailor options
816: described in \volone/ of this Manual.
817:
818: \item [notype] The argument is expected to be an attribute type.
819: This attribute will not be displayed by showentry by default.
820:
821: \item [type] The only valid argument for this entry is ``unknown'', and says
822: that unknown attributes should be shown, by default, they are not shown.
823:
824: \item [certificate] Used for strong authentication.
825:
826: \item [secret\_key] Used for strong authentication.
827:
828: \item [$<$dish command$>$] A list of default flags
829: to be used when `command' is used.
830: For example
831: \begin{verbatim}
832: showname: -compact
833: \end{verbatim}
834: says that ``showname'' should always be invoked with the
835: \tt -compact \rm \ flag set.
836:
837: \item [$<$nickname$>$] A nickname entry, for example
838: \begin{quote}\smaller\begin{verbatim}
839: cjr: ``c= GB @ o= University College London @ ou= Computer Science @ CN= Colin Robbins''
840: \end{verbatim}\end{quote}
841: This can then be used in distinguished name arguments, for example
842: \begin{quote}\begin{verbatim}
843: showentry cjr
844: \end{verbatim} \end{quote}
845: will show the entry for `Colin Robbins'.
846:
847: \end{description}
848:
849:
850:
\section {Remote Management of the DSA}\label{dua:mgmt}
851: \begin{verbatim}
852: dsacontrol [-[un]lock <entry>] [-dump <directory>]
853: [-tailor <string>] [-abort]
854: [-restart] [-info] [-refresh <entry>]
855: [-resync <entry>] -slave [<entry>]
856: \end{verbatim}
857:
858: If the \pgm{dish} program is bound to the DSA as the Directory manager
859: (See Section~\ref{dish_bind} on binding),
860: then it may be used to (primitively) manage the DSA.
861: This feature is discussed in \cite{QUIPU.Design} and Section~\ref{dsa:mgmt}
862: of this Manual.
863:
864: \tt (un)lock\rm \ used to (un)lock subtrees of the DIT held locally. This
865: (allows) prevents users to modify the DIT.
866:
867: \tt dump\rm \ causes a copy of the local DIT to be dumped into the specified
868: directory.
869: Note that when the DSA dumps its in-core database,
870: it does so relative to the (possibly remote) \unix/ directory from which the
871: DSA was started,
872: not the directory that \man dish(1c) was invoked in!
873: So it is best to specify path names in full to ensure the database is dumped
874: where you expect it to be!
875:
876: \tt tailor\rm \ is used to pass tailor command to a running DSA. The format of
877: ``string'' is the same as a line in the ``quiputailor'' file.
878: For example:-
879: \begin{quote}\begin{verbatim}
880: dsacontrol -tailor "dsaplog level=all"
881: \end{verbatim}\end{quote}
882: will turn the DSA logging on full.
883:
884: \tt refresh\rm \ tells the DSA to re-read sub-tree `entry' from disk.
885: As with all `dsacontrol' commands, `entry' must be the full DN of the target
886: entry, the dish concept of `current position' is not used.
887: Also, if relating to a disk operation, the CASE of the DN must be correct
888: as well.
889:
890: \tt resync\rm \ tells the DSA to re-write the sub-tree `entry' to disk.
891:
892: \tt slave\rm \ tell the DSA to update its SLAVE EDB files, see Section
893: \ref{slave_update} for details.
894:
895: \tt abort\rm \ tells the DSA to stop.
896: \tt restart\rm \ tells the DSA to stop, then restart.
897:
898: \tt info\rm \ asks the DSA to return some statistics about its database.
899:
900: The error messages returned from a DSA are somewhat obscure.
901: There are 3 things dish may report:
902: \verb+DONE+ --- the operation has been successfully completed;
903: \verb+Access rights insufficient+ --- you are not bound as the DSA manager;
904: \verb+Unwilling to perform+ --- the DSA was unable to perform the task, this
905: generally means the argument to dsacontrol was wrong.
906:
907: \section {Caching in the DUA}
908: \label {dua_cache}
909:
910: All results returned from read and list operations are cached in memory
911: in the DUAs. The cache is then used if possible to answer queries.
912: The cache is kept for ``cache\_time'' minutes as specified in the tailor
913: files.
914:
915: Disk caching has not been implemented yet,
916: but it is intended to extend the in-core caching,
917: so that the cached data can be written to disk. When the DUA's start up, the
918: user will have the option to read this cache.
919: Similar support for private data may be provided.
920:
921: \section {Running DISH from the Shell}
922: \label{dish_shell}
923:
924: Each of the dish commands mentioned in this Chapter to
925: \ref{dua:mgmt}
926: can be applied directly to the shell, without having to first invoke
927: \pgm{dish}. This has the advantage that the result can be piped through
928: programs like \pgm{more} thus giving the user flexibility in how
929: they view the data.
930:
931: Chapter~\ref{quipu:install} describes how to install this ``extra'' feature of
932: dish.
933:
934: \subsection {Dishinit}
935: A program called \pgm{dishinit}
936: \label{dishinit}
937: can be use to
938: bind to the directory as the manager, read certain information
939: and create a
940: default \verb".quipurc"
941: file for a specified user.
942: This is a useful utility for new databases.
943: If the \verb"dsaptailor" variable \verb"dishinit" is set to \verb"on",
944: dishinit will be invoked by \verb"dish" whenever is can not find a
945: .quipurc file.
946:
947: \verb"dishinit" needs three parameters to be set in order to bind as the
948: manager, and search the local subtree.
949: These parameters are defined at the top of the dishinit script and are:-
950: \begin{description}
951: \item [manager] The DN of the manager of the local DSA
952: \item [password] The managers password (the script should be protected
953: with \unix/ file protection).
954: \item [position] The DN of the local sub-set of the DIT. This is where
955: the entries for users will be looked for
956: \end{description}
957:
958: \subsection{Example Scripts}
959: Two example scripts have been supplied as part of ISODE, and can be found in
960: the \file{others/quipu/uips/dish} directory.
961: \begin{description}
962: \item [dsaping] contacts all the DSAs at a given level in the DIT, and
963: gathers some statistics.
964: \item [dsalist] produces a list of all the (known) DSAs in the DIT.
965: \end{description}
966:
967: Each time a new shell is invoked and a dish command entered, a new DISH will
968: be invoked. This is sometimes not required. To prevent this from happening
969: an environment variable ``DISHPROC'' can be set, and should be the TCP
970: address to use for communication, for example
971: \begin{quote}\begin{verbatim}
972: 127.0.0.1 12345
973: \end{verbatim}\end{quote}
974: where 127.0.0.1 is the IP address, and 12345 is the TCP port.
975: The two example scripts show how the TCP port may be generated if required
976: under \verb+sh+.
977: For \verb+csh+ you might use
978: \begin{verbatim}
979: if (${?DISHPROC} == 0) then
980: setenv DISHPROC "127.0.0.1 `expr $$ + 10000`"
981: endif
982: \end{verbatim}
983:
984: For people not running in the TCP environment this is not a problem, as
985: ``named pipes'' are used, with the pipe name being bound to the terminal
986: identifier, the section below identifies these files.
987:
988: \subsection {Files}
989:
990: When the multiple command version of dish is compile on a machine that does
991: not support sockets, name pipes are used
992: to communicate with the
993: a background process.
994:
995: The file ``/tmp/dish$<$pid$>$'' is used by dish to write results to the calling
996: processes, where the ``pid'' is the process id of the calling process.
997:
998: The file ``/tmp/dish--$<$tty$>$--$<$uid$>$'' is used by calling process to send commands to
999: dish, where ``tty'' is the users terminal number, and ``uid'' their user id.
1000:
1001: \chapter {SID}
1002: \index{sid}
1003: \label{DUA:sid}
1004: SID (Steve's Interface to Dish) is a Directory User Agent, designed to be
1005: incredibly easy to use.
1006: It is implemented as a simple set of scripts to the DISH DUA.
1007:
1008: There are a lot of flags to DISH, this can make it awkward to use, and in
1009: general shows too much directory specific information.
1010: Fred has a centralised view of the world, and does not give
1011: the advantages of a shell based interface.
1012:
1013: SID is a simple approach of giving appropriate aliases to access DISH
1014: commands. It is targetted for searching for people and organisations.
1015: It may be useful ``as is'' to others, and also give an indication as to how
1016: DISH may be used.
1017:
1018:
1019: \section {Quickstart}
1020:
1021:
1022: \begin{description}
1023: \item[WARNING] Before you start to try SID, you must have the variable
1024: DISHPROC set in your environment. The mechanism suggested in
1025: Section~\ref{profile} is a good way to achieve this. To experiment,
1026: csh users can type the incantation:
1027: \begin{verbatim}
1028: % setenv DISHPROC "127.0.0.1 `expr $$ + 1000`"
1029: \end{verbatim}
1030: \end{description}
1031:
1032:
1033: To find users within your Organisation is very easy.
1034: The default setup is optimised for
1035: your particular Organisational Unit. Simply use the command {\bf psearch}
1036: with a single argument to identify the user looked for. This will identify
1037: all users with this key as a substring. For example:
1038:
1039: \begin{quote}\small\begin{verbatim}
1040: % psearch steve
1041: countryName=GB
1042: organisation=University College London
1043: department=Computer Science
1044:
1045: 1 cn=Steve Kille
1046: telephoneNumber - +44-1-380-7294 (work)
1047: telephoneNumber - 01-350-2888 (home)
1048: 2 cn=Stephen Titcombe
1049: telephoneNumber - +44-1-387-7050 x 3674/5
1050: telephoneNumber - Term = 01-388-4741
1051: 3 cn=Stephen Sackin
1052: 4 cn=Steve Wilbur
1053: telephoneNumber - +44-1-380-7287
1054: 5 cn=Stephen Usher
1055: telephoneNumber - +44-1-387-7050 x 3674/5
1056: 6 cn=Kevin Steptoe
1057: 7 cn=Tomasz Stepniak
1058: 8 cn=Stefan Penter
1059: telephoneNumber - +44-1-387-7050 x 3674/5
1060: 9 cn=Stephania Loizidou
1061: 10 cn=Steve Hodges
1062: telephoneNumber - +44-1-387-7050 x 3674/5
1063: 11 cn=Steve Davey
1064: telephoneNumber - +44-1-387-7050 x 7280 or 7289
1065: 12 cn=Steve Chan
1066: telephoneNumber - +44-1-387-7050 x 3674/5
1067: 13 cn=Steven Britton
1068: telephoneNumber - +44-1-387-7050 x 3715
1069: 14 cn=Stephen Beckles
1070: telephoneNumber - +44-1-387-7050 x 3674/5
1071: 15 cn=Steven Bacall
1072: telephoneNumber - +44-1-387-7050 x 3674/5
1073: telephoneNumber - dd 01-387-6978 (Campbell House)
1074: \end{verbatim}\end{quote}
1075:
1076:
1077: Each match will have an associated number. To show a given entry, just use
1078: the command {\bf showentry}, with the number identifying the entry as the
1079: single argument. For example to show entry 1 (Steve Kille):
1080:
1081: \begin{quote}\smaller\begin{verbatim}
1082: % showentry 1
1083: c=GB@o=University College London@ou=Computer Science@cn=Steve Kille
1084: Address - 35 Elspeth Road
1085: London
1086: SW11 1DW
1087: userClass - csresstaff
1088: photo - (See X window, pid 598)
1089: roomNumber - G24
1090: favouriteDrink - Pinta - Brakspears
1091: info - Directory worker
1092: rfc822Mailbox - [email protected]
1093: textEncodedORaddress - /Pn=Stephen.Kille/Ou=cs/O=ucl/ \
1094: Prmd=uk.ac/admd=gold 400/c=gb/
1095: userid - steve
1096: telephoneNumber - +44-1-380-7294 (work)
1097: telephoneNumber - 01-350-2888 (home)
1098: description - New Description
1099: surname - Kille
1100: name - Steve E. Kille
1101: name - Stephen Kille
1102: name - Steve Kille
1103: \end{verbatim}\end{quote}
1104:
1105: If you are running X windows, a picture will be displayed if it is present.
1106:
1107: If you wish to search all of your Organisation, simply give a second argument
1108: to {\bf
1109: psearch}. For example, to search UCL give `ucl' as shown:
1110:
1111: \begin{quote}\small\begin{verbatim}
1112: % psearch baker ucl
1113: Searching for People matching "baker" under:
1114: countryName=GB
1115: organisation=University College London
1116:
1117: 4 ou=French Lang and Lit@cn=F Baker
1118: telephoneNumber - 3077
1119: 5 ou=Economics@cn=V Bashkar
1120: telephoneNumber - 2286
1121: 6 ou=Biochemistry@cn=J Basra
1122: telephoneNumber - 2185
1123: 7 ou=Bartlett School@cn=H Bowker
1124: telephoneNumber - 7453
1125: 8 ou=Anatomy and Embryol@cn=D Becker
1126: telephoneNumber - 3293
1127: 9 ou=Computer Science@cn=Malcolm Booker
1128: telephoneNumber - +44-1-387-7050 x 3645
1129: 10 ou=Computer Science@cn=Imtiaz Bashir
1130: telephoneNumber - +44-1-387-7050 x 7304
1131: 11 ou=Computer Science@cn=Benjamin Bacarisse
1132: telephoneNumber - +44-1-380-7212 (work)
1133: telephoneNumber - 01 987 2746 (home)
1134: 12 ou=Surgery@cn=L Baker
1135: telephoneNumber - 82-5255
1136: 13 ou=History Of Art@cn=B A Boucher
1137: telephoneNumber - 7210
1138: 14 ou=Geological Sciences@cn=J R Baker
1139: telephoneNumber - 2382
1140: 15 ou=Secretary's Office@cn=I H Baker
1141: telephoneNumber - 3000
1142: \end{verbatim}\end{quote}
1143:
1144:
1145: \section {Example Usage}
1146:
1147: A typical sequence to find someone outside you organisation is now shown:
1148:
1149:
1150: \begin{quote}\small\begin{verbatim}
1151: % osearch nott
1152: Searching in country "gb" for Organisations matching "nott"
1153: 1 o=Nottingham University
1154: telephoneNumber - +44-0602-484848x2862
1155: 2 o=NPL
1156: 3 o=JNT
1157: telephoneNumber - +44-0235-445724
1158: % psearch smith 1
1159: Searching for People matching "smith" under:
1160: countryName=GB
1161: organisation=Nottingham University
1162:
1163: 4 ou=Computer Science@cn=Hugh Smith
1164: telephoneNumber - extn 2862 (Departmental Secretary)
1165: % showentry 4
1166: c=GB@o=Nottingham University@ou=Computer Science@cn=Hugh Smith
1167: photo - (See X window, pid 1076)
1168: telephoneNumber - extn 2862 (Departmental Secretary)
1169: description - lecturer
1170: surname - Smith
1171: name - Hugh.Smith
1172: name - Hugh Smith
1173: \end{verbatim}
1174: \end{quote}
1175:
1176:
1177:
1178: \section {Use of Nicknames}
1179:
1180: It is convenient to have nicknames (privaet aliases) set up for commonly accessed parts of the
1181: Directory Information Tree. These can be set up in the QUIPU Profile (see
1182: Section~\ref{profile}), which sets up the nickname ``us''.
1183: Two nicknames used in the examples are:
1184:
1185: \begin{description}
1186: \item[ucl] Country GB; Organsisation University College London.
1187: \item[cs] Country GB; Organsisation University College London;
1188: Organisational Unit Computer Science.
1189: \end{description}
1190:
1191: Aliases may be used as an alternative to sequence numbers.
1192:
1193: \section {SID Commands}
1194:
1195: The initial SID commands are:
1196:
1197: \begin{description}
1198:
1199: \item[osearch] (Organisation Search) Search for an organisation. The first argument is the
1200: organisation being searched for. For example:
1201:
1202: \begin{verbatim}
1203: % osearch nott
1204: \end{verbatim}
1205:
1206: This searches for any organisations approximating to this string, or
1207: containing it as a substring.
1208:
1209: The second (optional) argument is the two letter country code (e.g., GB, US,
1210: ES, etc.). Use {\bf clist} to find these codes. The default country is the
1211: previous one searched. Example:
1212:
1213: \begin{verbatim}
1214: % osearch nyser us
1215: \end{verbatim}
1216:
1217: \item[psearch] (Person Search) Search for a person. The first argument is a key to identify
1218: the person. Approximate and substring matches are made.
1219: There are two ways of using psearch.
1220:
1221:
1222: \begin{enumerate}
1223: \item Search an identified organisation, using the second argument to
1224: osearch. Examples where the organisation is identified by a nickname:
1225:
1226: \begin{verbatim}
1227: % psearch kirstein ucl
1228: \end{verbatim}
1229:
1230: Example where the organisation is identified by a sequence number, returned
1231: by a previous osearch command.
1232:
1233: \begin{verbatim}
1234: % psearch steve 29
1235: \end{verbatim}
1236:
1237:
1238: \item Move explicitly to an organistion, and then use psearch with only one
1239: argument. This is useful when repeated searches will be made from one point.
1240: Example:
1241:
1242: \begin{verbatim}
1243: % moveto ucl
1244: % psearch kirstein
1245: \end{verbatim}
1246:
1247: \end{enumerate}
1248:
1249:
1250:
1251: \item[clist] (Country List) Used to give a list of countries, with friendly descriptions,
1252: as well as the two letter code.
1253:
1254: \item[ousearch] (Organisational Unit Search) Search for an OU. Analogous to psearch. This is
1255: appropriate for use where organisations are large, and a full search takes
1256: too long.
1257:
1258: \item[dlist] (Directory List) This uses the search command to provide a listing of directory
1259: information, without a clutter of wild South American animals.
1260:
1261: \end{description}
1262:
1263: \section {Standard DISH commands}
1264:
1265: The following DISH commands are useful ``as is'' for normal users, and are
1266: considered to be a part of SID.
1267:
1268: \begin{description}
1269: \item[showentry] Show an entry. The sinle argument is typically the numeric
1270: key returned by a search. This will be used a lot, and it is likely to be
1271: worthwhile setting up an alias. The author uses ``ds'' (directory show).
1272: Example, using a sequence number returned by a search.
1273:
1274: \begin{verbatim}
1275: % showentry 36
1276: \end{verbatim}
1277:
1278:
1279: \item[moveto] Move to a defined location. Example of moving to a nickname
1280: defined location:
1281:
1282: \begin{verbatim}
1283: % moveto ucl
1284: \end{verbatim}
1285:
1286:
1287: \item[modify] To modify your own entry, this command is used with the single
1288: argument ``me''. For example:
1289:
1290: \begin{verbatim}
1291: % modify me
1292: \end{verbatim}
1293:
1294: \end{description}
1295:
1296:
1297: \section {QUIPU Profile}
1298: \label {profile}
1299: This is a suggested template for ``.quipurc'', note that this is very
1300: similar to the default file installed by \pgm{dishinit} described in
1301: Section~\ref{dishinit}.
1302:
1303:
1304: \begin{quote}\smaller\begin{verbatim}
1305: username:c=GB@o=University College London@ou=Computer Science@cn=Steve Kille
1306: me:c=GB@o=University College London@ou=Computer Science@cn=Steve Kille
1307: password:steve
1308:
1309: position: @c=GB@o=University College London@ou=Computer Science
1310: notype: acl
1311: notype: treestructure
1312: notype: masterdsa
1313: notype: slavedsa
1314: notype: objectclass
1315: notype: lastmodifiedby
1316: notype: lastmodifiedtime
1317: notype: userpassword
1318: cache_time: 30
1319: connect_time: 2
1320:
1321: us: c=us
1322: moveto: -pwd
1323: showentry: -name
1324:
1325: \end{verbatim}\end{quote}
1326:
1327: You must set the environment variable DISHPROC. This can be done by the
1328: following in the .login file (csh).
1329:
1330: \begin{verbatim}
1331: if (${?DISHPROC} == 0) then
1332: setenv DISHPROC "127.0.0.1 `expr $$ + 1000`"
1333: endif
1334: \end{verbatim}
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.