[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Distinguished Name and Entry values


yes it depends on how you declare the entry. certain entries require certain attributes that MUST be filled in. For example, if you have

dn: cn=xyz,ou=abc,o=ddd,c=sss.com

then typically an entry like this could be defined as

dn: cn=xyz,ou=abc,o=ddd,c=sss.com

in which case, the objectClass dictates what components are required and what are obligatory (check core.schema inetorgperson.schema etc in /usr/local/etc/openldap/schema). So in the definition above

cn is required for objectclass person.

For the others such as ou, o and c, these should have already been defined but if not then yes, they must exist as well

Typically I use

dn: cn=myname,ou=sub_sub_group,ou=subgroup,o=mycompany

so i have the following definitions:

dn: o=mycompany
objectclass: top
objectclass: organization
o: mycompany

dn: ou=subgroup, o=mycompany
objectclass: top
objectclass: organizationalunit
ou: mycompany

dn: ou=sub_sub_group, ou=subgroup, o=mycompany
objectclass: top
objectclass: organizationalunit
ou: sub_sub_group

I hope that helps. Good luck!


At 10:21 PM 11/9/2001 +0800, you wrote:
Hi, all

Let's say I have dn : cn=xyz, ou=abc, o=ddd,c=ss
So , does that mean that I muz have the following as the
attribute values.
cn: xyz

Any reason for doing that?

Thanz a lot

sze yee