|
|
Post by mharishm on Oct 5, 2020 8:14:42 GMT
Hi,
In our redfish solution we are supporting LDAP certificates using URI, "/redfish/v1/Managers/Self/RemoteAccountService/LDAP/Certificates". We came across Redfish Resource and Schema Guide document which specifies both URIs "/redfish/v1/AccountService" and "/redfish/v1/Managers/Self/RemoteAccountService" should follow same account service schema ( Ex: AccountService 1.3.1).
Suppose if user traverse to URI, "/redfish/v1/Managers/Self/RemoteAccountService/LDAP", is there any specific schema that we should follow or is it ok to return 404 http status code for URI "/redfish/v1/Managers/Self/RemoteAccountService/LDAP" even though we are supporting "/redfish/v1/Managers/Self/RemoteAccountService/LDAP/Certificates" ?
|
|
|
|
Post by mraineri on Oct 5, 2020 12:33:48 GMT
RemoteAccountService is to be only used when your implementation is aggregating other Redfish services. In the "Self" case, you don't use RemoteAccountService since your "self" account service is found at /redfish/v1/AccountService. The purpose of the RemoteAccountService link is if you want to control the AcccountService for a downstream Redfish service found on a remote manager. Here's the description of the RemoteAccountService property: This property shall contain a link to the account service resource for the remote manager that this resource represents. This property shall only be present when providing aggregation of Redfish services.
From a schema perspective, both "RemoteAccountService" and /redfish/v1/AccountService follow the same schema definition (AccountService_v1.xml). Within the AccountService definition, there's an LDAP object. So, "/redfish/v1/AccountService/LDAP" is not a valid URI, but the certificates for the LDAP object within the account service are found at /redfish/v1/AccountService/LDAP/Certificates. This additional segment is needed since there is also an ActiveDirectory object in the account service, which in turn can have its own certificates.
|
|
