[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Replacing the OC attribute

To: <Geert.Van.Muylem@SKYNET.BE>, <openldap-software@OpenLDAP.org>
Subject: Re: Replacing the OC attribute
From: Peter Marschall <peter@adpm.de>
Date: Fri, 23 May 2003 11:42:17 +0200
Content-disposition: inline
In-reply-to: <003301c320fb$2115e8f0$d004c850@apollo>
Organization: ADPM
References: <003301c320fb$2115e8f0$d004c850@apollo>
User-agent: KMail/1.5.1

Hi,

On Friday 23 May 2003 09:15, Geert Van Muylem wrote:
> I was trying to add a mail attribute to an existing entry with a small test
> application...
> This entry had OC top, person an organisationalPerson. By mistake I
> replaced the OC with
> inetOrgPerson (deleting all the others...) without getting any error from
> the server.
> Is this normal? (I tested this on another server where I got an OC
> violation)

To me it looks OK since the following inheritance chain holds
( < means: inherits from)
  top < person < organizationalPerson < inetOrgPerson
Since OpenLDAP has this inheritance chain correctly defined in its 
schema and checks it, there's nothing wrong with it.

Other servers may not have this inheritance chain correctly defined
and may thus get into trouble when replacing objectclasses.
The easiest workaround is then to forbid deletion of structural objectclasses.

Peter

-- 
Peter Marschall
eMail: peter@adpm.de

References:
- Replacing the OC attribute
  - From: "Geert Van Muylem" <Geert.Van.Muylem@skynet.be>

Prev by Date: openldap and crls
Next by Date: BerkeleyDB version
Index(es):
- Chronological
- Thread