OpenLDAP/FreeBSD: How to implement attribute HOST without
STRUCTURAL account?
O. Hartmann
ohartman at zedat.fu-berlin.de
Tue Apr 29 11:01:26 UTC 2008
Jonathan Chen wrote:
> On Tue, Apr 29, 2008 at 10:07:44AM +0000, O. Hartmann wrote:
>> Hello out there,
>> my question may sound a bit weird, but the situation is as follows:
>>
>> I use OpenLDAP 2.4 for authetication purposes within our lab's net and
>> every user's account is of the objectclass 'posixAccount'. As we know,
>> this class does not contain the attribute 'host', which belongs to
>> structural class 'account' and both posixAccount and account are of
>> type structural and therefore can not be mixed.
>
> Is there really such a rule? There's an of examples in
> O'Reilly's "LDAP System Administration" that has a mixed
> "account" + "posixAccount" objectClasses for a node to implement
> the situation of: One User and a Group of Hosts.
Well, simply try to include both structural object classes 'account' and
posixAccount and you'll get a class violation - so it is here ...
Oliver
P.S. O'Reilly's book seems to be a little bit outdated, it reflects
schemata prior to OpenLDAP 2.3 I guess and I use 2.4 by the way. I read
many turoials mixin up both account and posixAccount but this isn't
allowed any more with newer versions - as I understand.
More information about the freebsd-questions
mailing list