dE wrote:
On 04/20/15 22:10, Quanah Gibson-Mount wrote:--On Monday, April 20, 2015 12:06 PM +0530 dE <de.techno@gmail.com> wrote:I'm concerned about the attributes. Does adding of the top object class (or person) add all attributes to the entry?No. Look up the difference between "MUST" and "MAY". It means it is *possible* to set any of the attributes in an entry, with a value. MUST attributes are required, MAY are optional.
Ok, so you can add attributes which are not included in the 'MAY' of the most subordinate object class the entry belongs to.
Location in the objectclass hierarchy is irrelevant here. You can add attributes that are included in the MUST or MAY of *any* of the classes associated with the object. An object can only have one governing structural object class, but can have arbitrarily many auxiliary object classes, as limited by any DIT content rules that may be in effect for that structural class.
Most LDAP deployments don't use DIT content rules, so there are usually no limits on which auxiliary classes may be used.
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/