[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: adding mail objectClass to schema

To: "Darouichi, Aziz" <adarouic@post03.curry.edu>
Subject: Re: adding mail objectClass to schema
From: Andrew Findlay <andrew.findlay@skills-1st.co.uk>
Date: Fri, 2 Aug 2013 19:16:56 +0100
Cc: "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Content-disposition: inline
In-reply-to: <2398337E30371A47B556742B49C7805B644A9E4AA5@EXCCRMBX01.Currynet.local>
References: <2398337E30371A47B556742B49C7805B644A9E4AA5@EXCCRMBX01.Currynet.local>
User-agent: Mutt/1.5.21 (2010-09-15)

On Thu, Aug 01, 2013 at 01:57:14PM -0400, Darouichi, Aziz wrote:

> dn: cn=Google,ou=Group,dc=curry,dc=edu
> objectclass: groupOfUniqueNames
> cn:
> mail:
> description:
> uniqueMember:
> uniqueMember:
>  
> 
> when I try to add  the file I get the following error:    adding new entry "cn=
> Google,ou=Group,dc=curry,dc=edu"
> 
> ldap_add: Object class violation (65)
> 
>         additional info: attribute 'mail' not allowed

That is correct. The definition of groupOfUniqueNames is:

objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames'
        DESC 'RFC2256: a group of unique names (DN and Unique Identifier)'
        SUP top STRUCTURAL
        MUST ( uniqueMember $ cn )
        MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description )
)

'mail' is not listed as an allowed attribute. If you want to add that
attribute then you also need to include a suitable auxiliary object class
that permits it. I don't think there is such a class in the standard
set, so you will have to create one of your own. That is probably a good
thing to do anyway, and you could start with a definition like this:

objectclass ( 1.2.826.0.1.3458854.666.1.1 NAME 'curryEduMailObject'
	DESC 'Aux object class for curry.edu'
	SUP top
	AUXILIARY
	MAY ( mail )
)

Your entry now has two objectclasses:

dn: cn=Google,ou=Group,dc=curry,dc=edu
objectclass: groupOfUniqueNames
objectclass: curryEduMailObject
cn:
mail:
description:
uniqueMember:
uniqueMember:

Ideally you should use an OID based on your own institution's allocation,
but that is not critical at this stage.

Andrew
-- 
-----------------------------------------------------------------------
|                 From Andrew Findlay, Skills 1st Ltd                 |
| Consultant in large-scale systems, networks, and directory services |
|     http://www.skills-1st.co.uk/                +44 1628 782565     |
-----------------------------------------------------------------------

Follow-Ups:
- Re: adding mail objectClass to schema
  - From: Michael Ströder <michael@stroeder.com>

References:
- adding mail objectClass to schema
  - From: "Darouichi, Aziz" <adarouic@post03.curry.edu>

Prev by Date: Re: mdb fixes for 2.4.35?
Next by Date: Re: separate login/password for several services?
Index(es):
- Chronological
- Thread