Re[2]: (ITS#3798) MAY is MUST ?

Hello Pierangelo,

thank you for these informations.

i do not understand why is working out on 2.2.26 ?

With the same schema & slapd.conf & data (ldif) there isn't any

i see nothing in the CHANGES about this.

Saturday, June 25, 2005, 3:25:18 PM, you wrote:

>>  hello,
>>  when i try to add an entry to the ldap, i got : entry failed schema
>>  check: object class 'qmailUser' requires attribute 'sn'
>>  but the qmailUser is : objectclass ( NAME
>>  'qmailUser' DESC 'qmail local mail recipient' SUP ( top $ person $
>>  organizationalPerson ) MAY ( qmailGID $ qmailUID $ qmaildomain $
>>  mailQuota $ mailMessageStore $ clearPassword $ uid $ name $ sn $ cn $
>>  mail $ gn) )
>>  the MAY indicates it's optional (i think so).
>>  any clue ?

PM> Yes: "sn" is MUST in "person", which "qmailUser" is derived from.
PM> According to <draft-ietf-ldapbis-models>, derived objectClasses may turn
PM> MAY attributes into "MUST" attributes, but "MUST" attributes of ancestor
PM> classes cannot be turned into "MAY" by a descendant class.  So, as far
PM> as I understand the specifications, the above objectClass definition for
PM> "qmailUser" is malformed, i.e. "cn" and "sn" cannot be "MAY" since
PM> they're already "MUST" in "person".

PM> By no means this indicates a software issue with OpenLDAP, so this ITS
PM> will be closed.

PM> p.

