Re: Schema for Java objects and AD (draft-ryan-java-schema-01.rev.txt)

[Vincent Ryan <Vincent.Ryan@Ireland.Sun.COM>]

> Manish Gupta wrote:
> 
> One of my collegaues just came across the following schema extension
> restrictions placed by AD.
> 
> From "Extending the Schema" document:
> 
> "You cannot add a new mustContain to a class (directly or through
> inheritance by adding an auxiliary class)"
> 
> Thus, I am unable to extend AD to accomodate the schema proposed in
> draft-ryan-java-schema-01.rev.txt. The javaObject abstract class has
> the mustContain attribute javaClassName and all aux classes such as
> javaSerializedObject, etc. are derived from javaObject.
> 
> In this case I tend to think Microsoft has gotten it right. I dont
> very much like the concept of mustContain attributes in aux. classes.
> 
> Comments?
> 
> Manish Gupta

LDAP follows the X.500 data model and that model permits
mandatory and optional attributes to be defined for auxiliary
object classes. Several such classes are defined in RFC-2256:
strongAuthenticationUser, certificationAuthority.

BTW I notice that the AD schema already defines an auxiliary
object class called 'mailRecipient' which contains a mandatory
'cn' attribute.