[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ActiveDirectory schema

To: rweltman@netscape.com (Rob Weltman), ietf-ldapext@netscape.com
Subject: Re: ActiveDirectory schema
From: Erik Skovgaard <eskovgaard@geotrain.com>
Date: Sat, 12 Jun 1999 18:20:38 -0700
In-reply-to: <3762C3EF.BCDD0105@netscape.com>
Resent-date: Sat, 12 Jun 1999 18:28:06 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"tuxjdC.A.7uC.EkwY3"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

Rob,

No, it is *not* OK to modify the standard Object Classes - especially when
the OID is a standard one.

For whatever it is worth, nor is OK to create funny non-standard Structural
Object Classes (i.e. inetOrgPerson) that people get tempted to use instead
of the basic ones.  All extensions to the standard schema should be Aux.
Object Classes, IMHO.  Or else there's only pain to gain.

Cheers,                 ....Erik.

----------------------------------
Erik Skovgaard
GeoTrain Corp.
Enterprise Directory Engineering
http://www.geotrain.com
 

At 13:32 1999-06-12 -0700, Rob Weltman wrote:
>   I was looking at the schema published in ActiveDirectory (Windows 2000
>Beta 3) and was a little puzzled. It looks like the objectclass "top" has
>been considerably extended: top 
>        OID 
>                2.5.6.0 
>        Required 
>                objectClass 
>                instanceType 
>                nTSecurityDescriptor 
>                objectCategory 
>        Optional 
>                cn 
>                description 
>                distinguishedName 
>                whenCreated 
>                whenChanged 
>                subRefs 
>                displayName 
>                uSNCreated 
>                isDeleted 
>                dSASignature 
>                objectVersion 
>                repsTo 
>                repsFrom 
>                memberOf 
>                uSNChanged 
>                uSNLastObjRem 
>                showInAdvancedViewOnly 
>                adminDisplayName 
>                proxyAddresses 
>                adminDescription 
>                extensionName 
>                uSNDSALastObjRemoved 
>                displayNamePrintable 
>                directReports 
>                wWWHomePage 
>                USNIntersite 
>                name 
>                objectGUID 
>                replPropertyMetaData 
>                replUpToDateVector 
>                flags 
>                revision 
>                wbemPath 
>                fSMORoleOwner 
>                systemFlags 
>                siteObjectBL 
>                serverReferenceBL 
>                nonSecurityMemberBL 
>                queryPolicyBL 
>                wellKnownObjects 
>                isPrivilegeHolder 
>                partialAttributeSet 
>                managedObjects 
>                partialAttributeDeletionList 
>                url 
>                lastKnownParent 
>                bridgeheadServerListBL 
>                netbootSCPBL 
>                isCriticalSystemObject 
>                frsComputerReferenceBL 
>                fRSMemberReferenceBL 
>                uSNSource 
>                fromEntry 
>                allowedChildClasses 
>                allowedChildClassesEffective 
>                allowedAttributes 
>                allowedAttributesEffective 
>                possibleInferiors 
>                canonicalName 
>                proxiedObjectName 
>                sDRightsEffective 
>                dSCorePropagationData 
>                otherWellKnownObjects 
>                mS-DS-ConsistencyGuid 
>                mS-DS-ConsistencyChildCount 
>                createTimeStamp 
>                modifyTimeStamp 
>                subSchemaSubEntry   Some of the new attributes are
>operational. But is it really okay to redefine "top"?   There is also a
>minor bug in that there is a missing space after the left parenthesis for
>the MAY and MUST lists: objectClasses: ( 1.2.840.113556.1.5.74 NAME
>'categoryRegistration' SUP leaf S 
> TRUCTURAL MAY (localeID $ categoryId $ managedBy $ localizedDescription ) ) 
>  Rob 
>

Follow-Ups:
- Re: ActiveDirectory schema
  - From: dboreham@netscape.com (David Boreham)
- Re: ActiveDirectory schema
  - From: Helmut Volpers <helmut.volpers@icn.siemens.de>

References:
- ActiveDirectory schema
  - From: rweltman@netscape.com (Rob Weltman)

Prev by Date: Re: ActiveDirectory schema
Next by Date: Re: ActiveDirectory schema
Index(es):
- Chronological
- Thread