Re: objectClass inheritance

[Tony Earnshaw <tonye@billy.demon.nl>]

stefan egger wrote:

> I am object oriented an very glad to see that OpenLDAP now goes in this 
> direction too. It makes things much easier to understand.
> I have a design question related to lidf imports.
>
> Since v2.1 OpenLDAP enforces the single structural objectClass, which is 
> mostly inherited from an abstract Objectclass. But I am puzzled by the 
> auxiliary objectClasses.
>
> Do you agree that the scheme design on the ldap server, would not 
> restrict to extend a person (structural) with a sambaAccount (auxiliary) 
> objectClass.
> This makes no sense to me. Should that not be restricted trough the 
> schema design?

This is purely my own feeling (philosophical :), but to me the way this 
is makes perfect sense. I'm comparing it to, let's say, any any person 
who happens to exist (structural) and needs a bank account (auxiliary); 
he can give it up and take a post office account (also auxiliary). Or 
even add a post office account to the bank account.

Much worse, to my mind, is defining a second structural objectclass and 
then finding you can't remove it again, when you regret having added it. 
Maybe that's the same (philosophical) as saying "the man has now got a 
hearing aid, I regret having given him it, I'd like him to hear properly 
again without it".

Or maybe that's not what you meant ;)

--Tonni

--
Tony Earnshaw

Once the camel's head has entered your tent,
it's very difficult to stop the rest of the
animal from following it

http://www.billy.demon.nl
Mail: tonye-at-billy.demon.nl