
DEN schema for OpenLDAP [was Re: openldap supplanting and working with others]



The OpenLDAP out-of-the-box schema should include the DEN schema,
as per:

http://murchiso.com/den/specifications/directory-enabled-networks-v3c5-lastcall-no-figs.pdf

(watch out: your mail client linewrap may break this link)

We'll need DEN to enable interoperability with other LDAPv3-fronted
services such as NDS, Active Directory, and several X.500 products.

The DEN schema is open, multi-vendor supported, and will be used
by application environments from Cisco, Lucent, 3Com, Bay (Nortel),
Tivoli, and more, in addition to Novell and Micro$oft.

In addition, the DEN schema and information model are rich enough,
complete enough, for us to use as the foundation for sophisticated
access control and navigation aids for networked services and 
applications. More on this, from me, later.

The Directory Enabled Networks (DEN) specification was developed
with open, public participation. I'll vouch for that. I participated.
My comments and suggestions were considered openly, fairly, and
without regard to whether or not I was affiliated with a commercial
IS powerhouse (I'm not, BTW).

I'm volunteering to provide the schema, unless someone else already
has it available. As time goes by, I'll offer extensions for review
and possible incorporation into the OpenLDAP out-of-the-box schema.

--
#::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::|
# Larry Bartz                           |                              |
#  lbartz@parnelli.indy.cr.irs.gov      | Ooo, ooo,                    |
#                                       | Ooo, ooo, oooooo!            |
#                                       | I've got a gnu attitude!     |
#  voice (317) 226-7060                 |                              |
#  FAX   (317) 226-6378                 |                              |
#::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::|
 
Kurt D. Zeilenga wrote:
> 
> At 12:58 PM 11/12/98 -0800, Mark D. Anderson wrote:
> >I'd say there are probably several distinct projects here:
> >
> >- extend the out-of-the-box schema in openldap so it at least
> >has all the standard LDAP objectclasses.
> 
> We will be updating the OpenLDAP schema for OpenLDAP 2.X
> to include well defined object classes and attributes.
> This will be done as part of our efforts to support LDAPv3.
> Volunteers needed! Stay tuned to openldap-devel for details.
> 
> >- extend the out-of-the-box schema in openldap for interop
> >with other systems such as NDS or mail systems. These of
> >course would be broken up into distinct objectclasses, and
> >would need to be accompanied by each-way sync utilities with
> >other stores (sendmail, dns, nis, whatever).
> 
> We currently interop with other LDAP servers which support
> U-M-style replication.  We also have a number of efforts
> to support other replication mechanisms.  This, as well,
> is being done as part of our OpenLDAP 2.X work.  Volunteers needed!
> Stay tuned to openldap-devel for details.
> 
> >- extend the out-of-the-box schema in openldap to include
> >the schemas shipping out-of-the-box in other ldap servers,
> >to ease switch effort.
> 
> There are a lot of special object classes in use.  Many
> of these are proprietary and their owners may not take
> kindly to our redistribution of their intellectual property.
> 
> Besides, I am not sure it is wise to promote use of the
> vendor-specific object classes.  OpenLDAP should promote
> use of open standard object classes and, as such, should
> limit the "out-of-the-box" to such.   Where the standards
> are insufficient, we should draft new ones!
> 
> BTW, we are working on the establishment of a schema
> repository to allow folks to share object classes.
> Volunteers needed!  Stay tuned to openldap-general for
> details.
> 
> Those wishing to volunteer are encouraged to contact
> me personally.
> 
> Kurt