directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lecharny <elecha...@apache.org>
Subject Re: multiple structural objectClasses valid?
Date Thu, 10 May 2007 14:16:36 GMT
Hi Ersin,

Ersin Er a écrit :

> Hi,
>
> LDAP allows a single branch of structural objectClasses hierarchy to
> be added to an entry. 

Damn ! RFC 2252 states nothing about it :

4.4. Object Classes

   The format for representation of object classes is defined in X.501
   [3]. In general every entry will contain an abstract class ("top" or
   "alias"), ***at least one structural object class***, and zero or more
   auxiliary object classes...



RFC 4512 is pretty clear :

*2.4.2.  Structural Object Classes*

   As stated in [X.501]:

      An object class defined for use in the structural specification of
      the DIT is termed a structural object class.  Structural object
      classes are used in the definition of the structure of the names
      of the objects for compliant entries.

      An object or alias entry is characterized by precisely one
      structural object class superclass chain which has a single
      structural object class as the most subordinate object class.
      This structural object class is referred to as the structural
      object class of the entry.


Which means that you can have more than one structural ObjectClass into 
an entry *IF* they are in an inheritence chain.

For instance, you can have an entry with :

InetOrgPerson (structural)
OrganizationalPerson (structural)
Person (structural)
Top (Abstract).

But in the sample given, we have a problem, because we have two 
inheritence chains :
automountMap(structural) --> top (Abstract)
and
organizationalUnit (Structural) --> top( Abstract)

and this is a bug.

I repoen the issue I just closed...

Thanks Ersin !

> So top, person, inetOrgPerson are possible
> objectClass values for an entry, but you cannot add an
> organizationalUnit in that group.
>
> If ApacheDS allows you to do something different, than just file a 
> Jira issue.
>
> On 5/10/07, Martin Marcher <martin.marcher@gmail.com> wrote:
>
>> hello,
>>
>> I'm putting our autofs in ldap now and wanted to be extra smart and 
>> added
>>
>> dn: ou=auto.master,dc=example,dc=com
>> objectClass: automountMap
>> objectClass: organizationalUnit
>> objectClass: top
>> ou: auto.master
>>
>> now ldapstudio shows me that both automountMat and organizationalUnit
>> are structural. I read somewhere
>> (http://www.oav.net/mirrors/ldapv3.pdf page 22f not exactly a
>> reference but that was the first place i found it again) that this is
>> a violation for LDAP as there is only one structural objectClass
>> allowed and others should be auxiliary.
>>
>> Do I have wrong infos here or did I find something?
>>
>> cheers martin
>>
>>
>>
>> -- 
>> Martin Marcher
>> martin.marcher@gmail.com
>> http://www.mycorners.com
>> https://www.xing.com/profile/Martin_Marcher
>> http://www.linkedin.com/in/martinmarcher
>> http://www.studivz.net/profile.php?ids=9f83ea8c5996b8ec
>> http://www.amazon.de/gp/registry/wishlist/3KDAGCL2NKOIM/ref=reg_hu-wl_goto-registry/302-4432803-5146435?ie=UTF8&sort=date-added

>>
>>
>
>


Mime
View raw message