[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: how to apply shemas

To: Christian Hammers <ch@westend.com>
Subject: Re: how to apply shemas
From: Dustin Sallings <dustin@spy.net>
Date: Tue, 7 Mar 2000 09:50:02 -0800 (PST)
Cc: openldap-software@OpenLDAP.org
In-reply-to: <20000307135847.B8433@westend.com>

On Tue, 7 Mar 2000, Christian Hammers wrote:

	It's pretty easy to retype those things.

	I was unaware of this draft...It seems like a fairly difficult
approach to the thing.  In my RADIUS server implementation, I made
radiusAttribute be any RADIUS attribute, instead of trying to fit all
possible attributes into my schema.  It makes me less likely to have to
change my schema or application to deal with it.  The schema looks like
this:

objectclass spyRadiusEntry
        requires
                objectclass,
                cn
        allows
                radiusAttribute,
                radiusSuperClass,
                description

	Where radiusSuperClass defines a set of defaults that this class
will be overriding.  The radiusSuperClass points to the dn of another
spyRadiusEntry to extract a set of radiusAttribute attributes from (or
follow to another radiusSuperClass if you want to be sick).  This
basically means I can assign a user the property of being a ``dialup
user'' and have a shared set of attributes for a dialup user, then assign
static IP addresses to users if I need.

	My way may be over-simplified, but it works great for me. : )

# I want to use LDAP for RADIUS accounting/authorization and have a copy of
# the IETF draft-aboba-radius-05.txt. At the end of this draft there is 
# a shema which looks like a ASN.1 notation of rules that define which
# attributes may exist in which objects. 
# 
# How to apply this in openldap? I've found a "schemacheck" in the slapd.conf
# but no config file. slapd.oc.conf looks as it would be something similar
# but it has a different notation. Is there a converter available?
# 
# bye,
# 
#  -christian-
# 
# -- 
# Christian Hammers    WESTEND GmbH - Aachen und Dueren     Tel 0241/701333-0
# ch@westend.com     Internet & Security for Professionals    Fax 0241/911879
# 
# 

--
SA, beyond.com           My girlfriend asked me which one I like better.
pub  1024/3CAE01D5 1994/11/03 Dustin Sallings <dustin@spy.net>
|    Key fingerprint =  87 02 57 08 02 D0 DA D6  C8 0F 3E 65 51 98 D8 BE 
L_______________________ I hope the answer won't upset her. ____________

References:
- how to apply shemas
  - From: Christian Hammers <ch@westend.com>

Prev by Date: Re: Sorting the LDAPSEARCH output
Next by Date: Combined ACL with filter and without ?
Index(es):
- Chronological
- Thread