Michael Ströder wrote:
Manuel Gaupp wrote:I don't think so, because RFC 4512, section 3.3 says: "When creating an entry or adding an 'objectClass' value to an entry, all superclasses of the named classes SHALL be implicitly added as well if not already present. [...]" If I'm interpreting this correctly, the OpenLDAP behaviour is a bug.Well, "implicitly added" is a bit vague to call it a bug since the entries are returned when searching for the superior object class.
In the sense that "implicit" is the opposite of "explicit" the OpenLDAP behavior is exactly correct. Also as a general rule the X.500 data model requires that a server store and return exactly what the user provided.
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/