[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: dc question



>>>I would postulate that the dc in an objectClass dc has nothing
>>>whatsoever to do with the dc as part of the dn attribute in an rdn.
>>Wrong.  Read the LDAP standard (rfc2251), section 3.2 (Data Model):
>>   (...) Entries have names: one or more attribute values
>>   from the entry form its relative distinguished name (RDN), (...)
>Noted. But what's done can't be undone
>>>You want to put: dc: Snoggit instead of dc: blabla, that's o.k. with
>>>Openldap 2.1.5.
>>Yes, as other have said, OpenLDAP does not check this requirement.
>And the day it does, what happens to "People around the World in
>general"s' working DITs?

If they obeyed the rules, they will never notice when OpenLDAP starts to 
enforce this.  OpenLDAP has steadily grown more forceful about people 
keeping the rules, the structureal/auxillary object class relationship is 
one example.

It is clear even in the definition of the rdn (attribute of the object 
that makes it unique within its context) that the rdn is a presentation in 
the dn of an existing attribute.