
schemacheck (ITS#101)



Full_Name: Verschraegen Luc
Version: 1.2
OS: Solaris 2.6
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (157.193.44.22)


 When entering data to an LDAP repository with 'schemacheck on', missing
required attributes produce an expectable: 

     ldap_add: Object class violation

 It is however no problem to add information about attributes which are
neither 'required' nor 'optional'; this means that although entries will
contain all the required attributes, the repository will get contaminated
with unwanted data.
 

 A second problem IMHO is the fact that it is possible to add
objectclasses that do not exist in the schema. I understand that the
objectclass attribute, which is declared as required, can occur more than
once; I would expect, however, that one way or the other the added
objectclasses could be checked against the schema.


# ------------------ trivial example ------------------------------- #

slapd.conf:

schemacheck     on

objectclass top
 requires
  objectClass

objectclass organization
 requires
  objectClass,
  o

objectclass person
 requires
  objectClass,
  cn,
  sn

#######################################################################
# ldbm database definitions
#######################################################################

database        ldbm
suffix          "o=rug.ac.be, c=be"
directory       /var/tmp/ldap
rootdn          "cn=root, o=rug.ac.be, c=be"

input-file:

o=rug.ac.be, c=be
o=rug

cn=root, o=rug.ac.be, c=be
cn=root
sn=root
objectclass=person

cn=llll, o=rug.ac.be, c=be
cn=Verschraegen Luc
cn=Luc
nickname=Luc                               <<
sn=Verschraegen
objectclass=blabla                         <<
objectclass=brol                           <<



# ---------------------------------------------------------------- #

ldapadd:

ldapadd -D "cn=root, o=rug.ac.be, c=be" -w blabla -f ~/ldap/ldap.add 

adding new entry o=rug.ac.be, c=be

adding new entry cn=root, o=rug.ac.be, c=be

adding new entry cn=llll, o=rug.ac.be, c=be


# ---------------------------------------------------------------- #
ldapsearch:

ldapsearch -b 'o=rug.ac.be, c=be' 'objectclass=*'

cn=root, o=rug.ac.be, c=be
cn=root
sn=root
objectclass=person

cn=llll, o=rug.ac.be, c=be
cn=Verschraegen Luc
cn=Luc
nickname=Luc
sn=Verschraegen
objectclass=blabla
objectclass=brol

# ---------------------------------------------------------------- #

rootpw          blabla



# ---------------------------------------------------------------- #
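
The stricter check the report asks for, written out as an added example (not part of the original submission and not OpenLDAP code): it rejects object classes missing from the schema and attributes that no listed class requires or allows. The names `parse_entry` and `strict_check` are hypothetical; the schema and the two entries are copied from the report.

```python
# Schema from the report's slapd.conf: class -> (required, allowed) attributes.
# The reported classes declare no "allows" lists, so the allowed sets are empty.
SCHEMA = {
    "top": ({"objectclass"}, set()),
    "organization": ({"objectclass", "o"}, set()),
    "person": ({"objectclass", "cn", "sn"}, set()),
}

# Entries as returned by the ldapsearch in the report.
ROOT = "cn=root, o=rug.ac.be, c=be\ncn=root\nsn=root\nobjectclass=person"
LLLL = ("cn=llll, o=rug.ac.be, c=be\ncn=Verschraegen Luc\ncn=Luc\n"
        "nickname=Luc\nsn=Verschraegen\nobjectclass=blabla\nobjectclass=brol")

def parse_entry(text):
    """Split an 'attr=value' block (first line is the DN) into (dn, attrs)."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    attrs = {}
    for line in lines[1:]:
        name, _, value = line.partition("=")
        attrs.setdefault(name.strip().lower(), []).append(value.strip())
    return lines[0], attrs

def strict_check(attrs, schema=SCHEMA):
    """Return a list of violations; an empty list means the entry passes."""
    classes = [c.lower() for c in attrs.get("objectclass", [])]
    problems = [] if classes else ["no objectclass value"]
    problems += [f"unknown objectclass: {c}" for c in classes if c not in schema]
    required, permitted = set(), {"objectclass"}
    for req, allowed in (schema[c] for c in classes if c in schema):
        required |= req
        permitted |= req | allowed
    present = set(attrs)
    problems += [f"missing required attribute: {a}" for a in sorted(required - present)]
    problems += [f"attribute not allowed: {a}" for a in sorted(present - permitted)]
    return problems

if __name__ == "__main__":
    for text in (ROOT, LLLL):
        dn, attrs = parse_entry(text)
        print(dn, "->", strict_check(attrs) or "OK")
```
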