[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Quick Start Guide

To: Simon Murcott <S.Murcott@optimation.co.nz>
Subject: Re: Quick Start Guide
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Sat, 07 Aug 1999 07:52:00 -0700
Cc: openldap-software@OpenLDAP.org
Organization: OpenLDAP <http://www.openldap.org/>
References: <Pine.LNX.4.05.9908072113510.5600-100000@saab.optimation.co.nz>

Simon Murcott wrote:
> Under the "Add initials items..." section you have an object with two
> "objectClass"es in it. When using multiple "objectClass" attributes one should
> first add "objectClass: top".

Actually, I disagree.  When adding an entry you should specify one structural
object class and any number of auxilary object classes.  You should avoid
listing abstract object classes such as top.  The server will do The Right Thing (tm).

With LDAPv2 (such as OpenLDAP 1.x), the server can just accept the input after
doing it's schema checks.  Servers may or may not add unlisted superior object
classes to the entry.  (OpenLDAP 1.2 implements "not").

With LDAPv3, the server is required to add all unlisted superior object classes
of the named object classes upon add/modify of the entry.  This behavior is
specified in RFC 2251, 3.2.1.   This behavior is being implemented in -devel
for release with OpenLDAP 2.0.

As such, the example works just fine on OpenLDAP 1.x and later releases.

> I have yet to look to see if a schema check would catch this (I have not yet
> deliberately tried to violate the defined schema).

The example should not violation schema.

Kurt

Follow-Ups:
- Re: Quick Start Guide
  - From: Simon Murcott <simonmu@optimation.co.nz>

References:
- Re: Quick Start Guide
  - From: Simon Murcott <simonmu@optimation.co.nz>

Prev by Date: Re: disabling dn substring index
Next by Date: Schema, Schema, Schema
Index(es):
- Chronological
- Thread