Re: Netscape Roaming Profile for OpenLDAP v2
At 07:58 AM 9/5/00 +0200, Hugo.van.der.Kooij@caiw.nl wrote:
>On Mon, 4 Sep 2000, Kurt D. Zeilenga wrote:
>> Has anyone bothered to ask Netscape for LDAPv3 schema definitions
>> (in an RFC2252 compatible form)? Or attempted to extract the
>> definitions from any LDAPv3 server which supports this schema?
>These definitions come straight out of the Netscape documentation, which
>included the OIDs.
These are LDAPv2ish definitions. Mapping them to LDAPv3 requires
a detailed understanding of their usage. As I am not familiar with
their usage, I cannot provide much more than general guidance.
'bin' generally maps to octet String, not binary String. binary
string implies the syntax is described by ASN.1 and encoded using
Network address/URIs/etc. are generally IA5 strings, not directory
Object classes which are auxiliary should be marked as such.
Object classes should not MAY any operational attribute.
Operational attributes should be marked with appropriate usage.
(You should generally restrict schema extensions to user attributes).
Mapping LDAPv2ish schema (which the roaming schema is) is tricky
as the information model is significantly different from the
Lastly, it is quite likely whatever definition you come up with
will differ from the definition provided by Netscape (if and when they
do provide an LDAPv3 definition). It is inappropriate
for anyone other than the OID owner to provide a definition for
that OID. As such, new OIDs should be assigned for this
"alternative" definition. You may, however, use the same short
names to provide compatibility with existing applications.
>They are the paper equivalent and require some more labor. (And yes I
>asked but didn't receive anything yet.)
I suggest you find a Netscape LDAPv3 server (they might even have
demo licenses available) with this schema loaded and then read the
definitions from a subschema subentry. Then it's just a simple
edit to create OpenLDAP schema directives.
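
The "simple edit" described in the last paragraph, sketched as an added example that is not part of the original message: it takes the LDIF of a subschema subentry and rewrites each `attributeTypes` and `objectClasses` value as an OpenLDAP `attributetype` or `objectclass` directive. The sample LDIF, the names in it and the OIDs under the 1.1 placeholder arc are constructed for illustration and are not Netscape's definitions.

```python
import base64

DIRECTIVES = {"attributetypes": "attributetype", "objectclasses": "objectclass"}

# Constructed object class value, base64-encoded below to exercise "attr:: value".
_OC = ("( 1.1.2.2.1 NAME 'exampleProfile' SUP top AUXILIARY "
       "MUST exampleProfileName MAY exampleProfileData )")

# Constructed sample of a subschema subentry in LDIF form (not real server output).
SAMPLE_LDIF = """\
dn: cn=schema
attributeTypes: ( 1.1.2.1.1 NAME 'exampleProfileName' DESC 'constructed'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributeTypes: ( 1.1.2.1.2 NAME 'exampleProfileData'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
objectClasses:: """ + base64.b64encode(_OC.encode()).decode() + "\n"


def unfold(ldif):
    """Join LDIF continuation lines: a line starting with one space
    continues the previous line, with that one space removed."""
    lines = []
    for raw in ldif.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        elif raw and not raw.startswith("#"):
            lines.append(raw)
    return lines


def to_directives(ldif):
    """Return OpenLDAP schema directives for the schema values in the LDIF."""
    out = []
    for line in unfold(ldif):
        attr, sep, value = line.partition(":")
        directive = DIRECTIVES.get(attr.strip().lower())
        if not sep or directive is None:
            continue                      # dn, cn, ldapSyntaxes, ...
        if value.startswith(":"):         # "attr:: <base64>"
            value = base64.b64decode(value[1:].strip()).decode("utf-8")
        value = value.strip()
        if not (value.startswith("(") and value.endswith(")")):
            raise ValueError(f"not an RFC 2252 description: {value!r}")
        out.append(f"{directive} {value}")
    return out


if __name__ == "__main__":
    print("\n".join(to_directives(SAMPLE_LDIF)))
```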