Re: [ldapext] groupOfEntries object class proposal

[Andrew Findlay <andrew.findlay@skills-1st.co.uk>]

On Tue, Sep 18, 2007 at 12:44:33PM +1000, Ramsay, Ron wrote:

> Why not try to get the appropriate RFC revised to make 'member'
> optional?

The trouble with changing an existing schema element is that users
would have to synchronise the change across all their clients and
servers. It seems a bad idea to create a situation where each end of a
network connection could be working to a different definition.

> Even simply making 'member' optional in your own implementations, though
> inviting interoperability problems, would seem to have fewer issues than
> introducing a new object class. In fact, I think it is common to find
> that 'member' is optional inthe field.

That suggests that people are deliberately changing the standard
schema definitions, which is bad because of the interoperability
problems that could be caused.

I never use groupOfNames in my own designs for exactly this reason, so
I always define a new group class that permits empty groups. While
this is an easy thing to do, it appears that many people do not like
to define new classes which leads to nasty hacks and trouble stored up
for the future. I hope that by defining a standard class with the
behaviour that people actually need we can encourage better practices.

Andrew
-- 
-----------------------------------------------------------------------
|                 From Andrew Findlay, Skills 1st Ltd                 |
| Consultant in large-scale systems, networks, and directory services |
|     http://www.skills-1st.co.uk/                +44 1628 782565     |
-----------------------------------------------------------------------

_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext