[Kroupware] Automatic server discovery

Brad Hards kroupware@mail.kde.org
Thu, 26 Sep 2002 07:45:44 +1000 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

G'day Tim!

On Thu, 26 Sep 2002 04:10, Tim Jansen wrote:
> On Wednesday 25 September 2002 05:03, Brad Hards wrote:
> > A suggestion that can probably help reduce admin load (and hence TCO) is
> > automatic discovery of the servers (ie the kolab). This would mean that
> > when the user first logs in, the kroupware mail client would issue a
> > query for "smptd", and would receive the URI.  This could be done again
> > on each login, or when the previous gateway fails (eg because the user is
> > on a laptop, and moved to a different network).
>
> First of all a service template must be defined for this, which can be
> quite complicated. You can not assume that there is only one SMTP|IMAP|LDAP
> server - in an enterprise may be more than one (for example for departments
> that use different technologies). So just searching for an IMAP server does
> not help, because you may get the wrong one, especially when you take your
> notebook and connect it in another department.

Your comment about service template is agreed. For those not familiar, refer 
http://www.srvloc.org/srvloc-templates.html and RFC2609. Some publically 
available service templates are provides at: 
http://www.isi.edu/in-notes/iana/assignments/svrloc-templates/
Strictly speaking you don't need an IANA template - you can just do it 
yourself. But that won't interoperate very well, and this is a problem worth 
solving properly.

I left out the IMAP case partly because it is hard, and focussed on the SMTP 
case. SMTP servers tend to be indistinct - any one will do, and if you have 
some metric of load in the template, you can even load balance them at bit. 

One solution for IMAP that will probably work in this case is to use SLP to 
discover the LDAP server (presumably LDAP servers will replicate so there 
will be a common view, which can then do workgroup look-up based on name. I 
think this was your first idea (which I snipped) - I don't know enough about 
Kerberos, so I won't try to compare them.

> On the other hand, when you need to select a scope or some id like a
> workgroup or domain, it's not zero-config anymore. The only information
> about the user that is available for the query is the user's name. But only
> with the user name you can not retrieve the location of the server - SLP
> queries will not help unless you list the names of all users in the
> server's atributes (which does not scale).
Another idea that occured to me is that organisations sometimes divide email 
services by surname. The exchange version of this goes "people with surnames 
from A-D won't have email today".
If you had that kind of policy, then you can do the discovery based on just 
name, even without LDAP.

- -- 
http://conf.linux.org.au. 22-25Jan2003. Perth, Aust. Tickets booked.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE9ki6IW6pHgIdAuOMRAoFZAJ4ratQotW4sXq86VSgBAWps9y9H5wCgsAVo
Hl3KMjOrWWbbqmGkFiiiSRk=
=IsFJ
-----END PGP SIGNATURE-----