Service publication is the act of creating and maintaining data about one or more instances of a given service so that network clients can find and use the service. The presence of an active Internet Locator Service can be published to a Windows Active Directory Server for subsequent discovery by applications using standard LDAP v3 calls. An explanation of Service Publication is available at [MSFT-SP] and [MSDN-ADDS].
The process of "publishing" involves adding an entry of type serviceInstance to the available Windows Sockets (Winsock) Services within Active Directory. The serviceInstance object class is used by Windows Sockets (Winsock) Services that publish information about themselves by using registration and resolution (RnR). (For the schema of the class serviceInstance, see [MS-ADSC] section 2.255.)
This publishing is done under the container with RDN CN=WinsockServices within the 'System' well-known object (section 6.1.1.4.11 of [MS-ADTS]). For example, if the fully qualified domain name of an ILS server is ILSServer.testdomain.int, the serviceInstance object with RDN of CN=ILSServer.testdomain.int will be created under the container with DN:
cn=WinsockServices, cn=System, DC=testdomain, dc=int
The LDAP server of an Active Directory domain can be obtained by querying the DNS SRV records for LDAP entries. (See [MS-ADTS] section 6.3.2.)
To add the entry, it is necessary to bind with authorized credentials to the LDAP server on port 389 of the domain controller.
The sequence of steps to publish an ILS running on a machine with a fully qualified domain name of ILSServer.testdomain.int is as follows:
A new container is added to cn=WinsockServices,cn=System,DC=testdomain,dc=int
The LDAP Add operation will have an entry as follows:
Entry: CN=ILSServer.testdomain.int,CN=WinsockServices,CN=System,DC=testdomain,DC=int
Partial Attributes:
CN=(ILSServer.testdomain.int)
displayName=(ILSServer.testdomain.int)
objectClass=(serviceInstance)
serviceClassID=(40:79:F1:C9:A7:79:D1:11:B0:08:00:C0:4F:C3:1:EE)
serviceInstanceVersion=(05:00:00:00:01:00:00:00)
The UUID 40:79:F1:C9:A7:79:D1:11:B0:08:00:C0:4F:C3:1:EE is the unique identifier for the Internet Location Service.
Once the container entry has been added to the Active Directory LDAP repository, it is necessary to perform a further LDAP operation. The additional LDAP operation is to modify the attribute winsockAddresses of serviceInstance to represent the IPv4 address of the server that hosts the ILS. Details on the attribute winsockAddresses can be found in [MS-ADA3].
The sequence is completed by performing an LDAP Unbind.
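The Add step above can be prepared offline, as in the following added example (not part of the original specification): it derives the entry DN from the server's fully qualified domain name and converts the colon-separated octet strings into the binary attribute values. The function names and the hostname-label rule are assumptions made for illustration; no LDAP bind or network call is performed, and the returned DN and attribute map are what would be passed to an LDAP client library.

```python
import re
import string

# Hostname label rule (assumption: letters, digits and hyphens only). Names
# containing DN metacharacters such as ',' or '=' are rejected, not escaped.
_LABEL = re.compile(r"[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?")

def parse_octets(text):
    """Turn the page's colon-separated hex notation into bytes.
    One- and two-digit octets are accepted: the page prints one octet as '1'."""
    octets = bytearray()
    for part in text.split(":"):
        if not 1 <= len(part) <= 2 or any(c not in string.hexdigits for c in part):
            raise ValueError("bad octet: %r" % part)
        octets.append(int(part, 16))
    return bytes(octets)

# Values copied from the Add operation shown above.
ILS_SERVICE_CLASS_ID = parse_octets("40:79:F1:C9:A7:79:D1:11:B0:08:00:C0:4F:C3:1:EE")
ILS_INSTANCE_VERSION = parse_octets("05:00:00:00:01:00:00:00")

def build_publish_entry(server_fqdn):
    """Return (dn, attributes) for the serviceInstance Add of an ILS host."""
    labels = server_fqdn.split(".")
    if len(labels) < 2 or not all(_LABEL.fullmatch(l) for l in labels):
        raise ValueError("not a plain FQDN: %r" % server_fqdn)
    if len(ILS_SERVICE_CLASS_ID) != 16:
        raise ValueError("serviceClassID must be 16 octets")
    # The domain is everything after the host label: one DC= component per label.
    domain_dn = ",".join("DC=" + l for l in labels[1:])
    dn = "CN=%s,CN=WinsockServices,CN=System,%s" % (server_fqdn, domain_dn)
    attributes = {
        "cn": server_fqdn,
        "displayName": server_fqdn,
        "objectClass": "serviceInstance",
        "serviceClassID": ILS_SERVICE_CLASS_ID,
        "serviceInstanceVersion": ILS_INSTANCE_VERSION,
    }
    # winsockAddresses is set by the separate Modify step; its encoding is
    # defined in [MS-ADA3] and is not reproduced here.
    return dn, attributes

if __name__ == "__main__":
    dn, attrs = build_publish_entry("ILSServer.testdomain.int")
    print(dn)
    for name, value in attrs.items():
        print(name, value.hex(":") if isinstance(value, bytes) else value)
```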