Why would you want to do this? If you want to support searches whose scope cannot be easily restricted using the LDAP namespace, centipede can make these searches efficient. For example, what if you are looking for Babs Jensen, but you don't know what company she works for, or even what state she's in. All you know is that she is a US resident. A search of the entire c=US subtree may be what you want to do, but that's potentially very expensive since it involves contacting every server in the US. With centipede, an indexing slapd can use the index information centipede provides to prune the search space of servers, only referring the client to servers likely to have information on Babs. Or, you might want to create a special index area in your LDAP tree that collects centipede information from other servers based on some entirely different criteria not related to the hierarchy of the LDAP namespace.
The general form of a centipede command is as follows.
ETCDIR/centipede [-f filter] [-F] [-R] [-f filter]The options have the following meanings.
[-t directory] [-m authmethod] [-b binddn]
[-p passwd] [-c cachesize]
-s sourceurl
-d desturl
attributes
-v
Turn on verbose mode. This option can be given multiple times to increase the level of verbosity.-n
Do not actually install index information. Useful in conjunction with -v for seeing what centipede is up to.-f ldapfilter
Specify a filter used to select the entries for which to generate indexing information. ldapfilter should be a string LDAP filter as described by RFC 1588.-F
Generate full, as opposed to relative, index information.-R
Generate relative, as opposed to full, index information. Full information is still generated if there is no previous information available from which to generate the relative information. This is the default.-t directory
Specify the directory in which to create temporary files, find existing index information, and put new index information. The default is whatever is used by tempnam(3).-b binddn
Specify the DN to authenticate with when extracting index information.-p passwd
Specify the password to use for simple authentication when extracting index information.-m authmethod
Specify the authentication method to use when extracting index information. authmethod should be either "simple" or "kerberos".-B binddn
Specify the DN to authenticate with when installing index information.-P passwd
Specify the password to use for simple authentication when installing index information.-M authmethod
Specify the authentication method to use when installing index information. authmethod should be either "simple" or "kerberos".-c cachesize
Specify the size in bytes of the cache used when building the new index information. Upping this number can cause a big performance boost, if you've got the memory for it.
$(ETCDIR)/centipede -f '(objectclass=person)'Note the -b and -p options can be used to authenticate as an entity able to read all the information you want.
-m simple -b <your-rootdn> -p <your-rootdnpw>
-s "ldap://babs.com/o=BabsCo, c=US"
-d "ldap://vertigo.rs.itd.umich.edu/c=US"
cn sn objectclass
Currently, centipede only handles value-based index information. A future version of centipede will allow other types of index information to be manipulated (e.g., word-based indexes, substring indexes, phonetic indexes, hash indexes, etc.). A future version may also allow weights to be generated for the index values.
Finally, centipede works strictly over LDAP at the moment. If and when the Common Indexing Protocol develops, centipede may change to use CIP instead.
Send comments about this page to: ldap-support@umich.edu