Re: ldap schema

slyle@plasticmoldings.com writes:

> Thank you that is good input.
> Just to re-phrase you are implying I should change "objectClass: account" to "objectClass: inetorgperson"
> Is this your suggestion?

Yes, if you don't require any attributes of object class account, but
this would be a violation anyhow.

>> dn: uid=bbonzai,ou=People,dc=pmc
>> objectClass: top
>> objectClass: account
>> objectClass: posixAccount
>> objectClass: shadowAccount
>> ---
>> ldap_add: Invalid syntax (21)
>>         additional info: objectClass: value #1 invalid per syntax
>> ---
>> Which of the four objectClasses above are in error?
>> Which schema of the five default (from the slapd.conf included in the 
>> installation of version 2.2.28) is being used to define the syntax so I 
>> can lookup the correct schema?
> The object class account will get you into trouble, as it is not what
> you probably think it should be :-)
> An account is not a person!
> You are better off with object classes of the person chain,
> inetorgperson would be a good choice.


