[Date Prev][Date Next]
Re: objectClass inheritance
Tony Earnshaw wrote:
stefan egger wrote:
I am object oriented an very glad to see that OpenLDAP now goes in
this direction too. It makes things much easier to understand.
I have a design question related to lidf imports.
Since v2.1 OpenLDAP enforces the single structural objectClass, which
is mostly inherited from an abstract Objectclass. But I am puzzled by
the auxiliary objectClasses.
Do you agree that the scheme design on the ldap server, would not
restrict to extend a person (structural) with a sambaAccount
This makes no sense to me. Should that not be restricted trough the
This is purely my own feeling (philosophical :), but to me the way this
is makes perfect sense. I'm comparing it to, let's say, any any person
who happens to exist (structural) and needs a bank account (auxiliary);
he can give it up and take a post office account (also auxiliary). Or
even add a post office account to the bank account.
Much worse, to my mind, is defining a second structural objectclass and
then finding you can't remove it again, when you regret having added it.
Maybe that's the same (philosophical) as saying "the man has now got a
hearing aid, I regret having given him it, I'd like him to hear properly
again without it".
Or maybe that's not what you meant ;)
Maybe I should think about all these things more philosophically. You
explained excactly what I was not sure about.
But Kurt wrote something about DIT Content Rules. They would restirct
what I mentioned in my first mail. But since I have read your lines I am
not happy anymore with that. ;-)