[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: schema definition precedence

To: Andrew Thomson <ajthomson@optushome.com.au>
Subject: Re: schema definition precedence
From: Michael Ströder <michael@stroeder.com>
Date: Tue, 24 Jun 2003 08:52:23 +0200
Cc: openldap-software@OpenLDAP.org
In-reply-to: <20030624040807.GC1587@athomson.prv.au.itouchnet.net>
References: <20030624040807.GC1587@athomson.prv.au.itouchnet.net>
User-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)

Andrew Thomson wrote:

unfortunately a developer made the following change to core.schema and
relies on it.

from...
objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames' SUP top STRUCTURAL
MUST ( uniqueMember $ cn )
MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )

to...
objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames' SUP top STRUCTURAL
MUST ( cn )
MAY ( uniqueMember $ businessCategory $ seeAlso $ owner $ ou $ o $
description ) )

I'm happy to setup a local.schema file with his changes in it. However
can I leave the NAME as is and just have it override the previous class
defined in the core.schema??

Well, this particular change is somewhat understandable and also done in some LDAP server products (see thread I've started on ietf-ldapbis mailing list about definition of groupOfNames).

But if an application is intended to be compatible with any LDAP server product out there one SHOULD NOT change definitions of standard schema (defined in RFC2256 or others).

Or do I have to change the NAME in my local.schema and get the
programmer to update his code to use my new objectclass??


Yes.

The necessary code changes depend on whatever "use my new objectclass" means. If the application creates the group entries before knowing any members it gets tricky.

Ciao, Michael.

References:
- schema definition precedence
  - From: Andrew Thomson <ajthomson@optushome.com.au>

Prev by Date: Re: Invalid Credentials Error
Next by Date: slurpd from 1.2 to 2.1
Index(es):
- Chronological
- Thread