directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ersin Er" <ersin...@gmail.com>
Subject Re: multiple structural objectClasses valid?
Date Thu, 10 May 2007 14:18:41 GMT
On 5/10/07, Emmanuel Lecharny <elecharny@apache.org> wrote:
> Hi Ersin,
>
> Ersin Er a écrit :
>
> > Hi,
> >
> > LDAP allows a single branch of structural objectClasses hierarchy to
> > be added to an entry.
>
> Damn ! RFC 2252 states nothing about it :
>
> 4.4. Object Classes
>
>    The format for representation of object classes is defined in X.501
>    [3]. In general every entry will contain an abstract class ("top" or
>    "alias"), ***at least one structural object class***, and zero or more
>    auxiliary object classes...
>
>
>
> RFC 4512 is pretty clear :
>
> *2.4.2.  Structural Object Classes*
>
>    As stated in [X.501]:
>
>       An object class defined for use in the structural specification of
>       the DIT is termed a structural object class.  Structural object
>       classes are used in the definition of the structure of the names
>       of the objects for compliant entries.
>
>       An object or alias entry is characterized by precisely one
>       structural object class superclass chain which has a single
>       structural object class as the most subordinate object class.
>       This structural object class is referred to as the structural
>       object class of the entry.
>
>
> Which means that you can have more than one structural ObjectClass into
> an entry *IF* they are in an inheritence chain.
>
> For instance, you can have an entry with :
>
> InetOrgPerson (structural)
> OrganizationalPerson (structural)
> Person (structural)
> Top (Abstract).
>
> But in the sample given, we have a problem, because we have two
> inheritence chains :
> automountMap(structural) --> top (Abstract)
> and
> organizationalUnit (Structural) --> top( Abstract)
>
> and this is a bug.
>
> I repoen the issue I just closed...
>
> Thanks Ersin !

NP :-)

BTW I had already reopened the issue with same concerns.

> > So top, person, inetOrgPerson are possible
> > objectClass values for an entry, but you cannot add an
> > organizationalUnit in that group.
> >
> > If ApacheDS allows you to do something different, than just file a
> > Jira issue.
> >
> > On 5/10/07, Martin Marcher <martin.marcher@gmail.com> wrote:
> >
> >> hello,
> >>
> >> I'm putting our autofs in ldap now and wanted to be extra smart and
> >> added
> >>
> >> dn: ou=auto.master,dc=example,dc=com
> >> objectClass: automountMap
> >> objectClass: organizationalUnit
> >> objectClass: top
> >> ou: auto.master
> >>
> >> now ldapstudio shows me that both automountMat and organizationalUnit
> >> are structural. I read somewhere
> >> (http://www.oav.net/mirrors/ldapv3.pdf page 22f not exactly a
> >> reference but that was the first place i found it again) that this is
> >> a violation for LDAP as there is only one structural objectClass
> >> allowed and others should be auxiliary.
> >>
> >> Do I have wrong infos here or did I find something?
> >>
> >> cheers martin
> >>
> >>
> >>
> >> --
> >> Martin Marcher
> >> martin.marcher@gmail.com
> >> http://www.mycorners.com
> >> https://www.xing.com/profile/Martin_Marcher
> >> http://www.linkedin.com/in/martinmarcher
> >> http://www.studivz.net/profile.php?ids=9f83ea8c5996b8ec
> >> http://www.amazon.de/gp/registry/wishlist/3KDAGCL2NKOIM/ref=reg_hu-wl_goto-registry/302-4432803-5146435?ie=UTF8&sort=date-added
> >>
> >>
> >
> >
>
>


-- 
Ersin
Mime
View raw message