Re: Documentation Required

[Adam Tauno Williams <adam@morrison-ind.com>]

> I know the pain. If you look at all the docs from openldap, cyrus-sasl, 
> etc. all you get is the tech writer style of techno bs and no single 
> working example of a simple authenticated and secure setup.
> There is new O'Reilly book 'LDAP System Administration' which sheds some 
> light on SASL and SSL/TLS but still no conclusive recipe.
> There is Linux Journal from Dec.2002 devoted to OpenLDAP with lots of 
> articles but no working setups either.
> Hope this helps.

Maybe my presentation at ftp://ftp.kalamazoolinux.org/pub/pdf/ldapv3.pdf
will help.

We defined an object class of 

objectclass ( 1.3.6.1.4.1.6921.1.12
    NAME 'mHybridPerson'
      DESC 'Combine several objectclasses to support multiple MUAs'
    SUP ( inetOrgPerson $ officePerson $ evolutionPerson )
    STRUCTURAL )

which covers just about everything.  Then we descended an object from
that

objectclass ( 1.3.6.1.4.1.6921.1.4
    NAME 'morrisonperson'
      DESC 'Morrison Industries person specific attributes'
    SUP ( mHybridPerson )
    STRUCTURAL
      MAY (
              morrisonbranch $
              morrisoninternalrate $
              morrisonphoneextension $
              otherEmployeeNumber $
              morrisonserialid )
          )

which adds all the site specific stuff.  Those attributes are defined in
our schema.

You can use mHybridPerson if you like, but to extend beyond that you
need to acquire an OID (fortunately that is both easy and free)

I'm also hoping to be able to release onto the Internet our internal
book ("Morrison Industries Enterprise Directory Users & Administration
Guide") as an example (recipe?) as it contains a really detailed account
of what we do with OpenLDAP.  But I have to jump through a few political
hoops first.