[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slapd permits unknown object classes with "schemacheck on"

To: Thomas J Pinkl <tom@hbsrx.com>
Subject: Re: slapd permits unknown object classes with "schemacheck on"
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Tue, 22 Aug 2000 07:31:45 -0700
Cc: openldap-software@OpenLDAP.org
In-reply-to: <20000821161718.A14763@shire.hbsrx.com>

At 04:17 PM 8/21/00 -0400, Thomas J Pinkl wrote:
>While playing with the MigrationTools from padl.com, I noticed that 
>slapd in OpenLDAP 1.2.11 allows you to add entries of unknown objectClass 
>when "schemacheck on" is specified in slapd.conf.

This is the default behavior.  An unknown objectClass value is
treated as extensibleObject.  See archives of this list and/or
bugs list and/or Issue Tracking System for details (including how
to disable this default).

>For example, it allows the addition of this entry:
>
>    dn: cn=MAILER-DAEMON,ou=aliases,dc=domain,dc=com
>    cn: MAILER-DAEMON
>    rfc822MailMember: root
>    objectClass: top
>    objectClass: nisMailAlias
>
>even though "nisMailAlias" is not defined as an object class in any of 
>the schema configuration files.
>
>Is this the expected behavior?
>
>-- 
>Thomas J. Pinkl                         738 Louis Drive
>Unix Systems Programmer                 Warminster, Pa 18974
>Health Business Systems, Inc.           (215) 442-9300 x9260

References:
- slapd permits unknown object classes with "schemacheck on"
  - From: Thomas J Pinkl <tom@hbsrx.com>

Prev by Date: Re: Trouble implementing a hierarchial namespace
Next by Date: RE: OpenLDAP 2.0 Administrator's Guide
Index(es):
- Chronological
- Thread