Re: objectClass inheritance

[Stefan Egger <iaegger@hta.fhz.ch>]

Tony Earnshaw wrote:
> stefan egger wrote:
>
> > I am object oriented an very glad to see that OpenLDAP now goes in 
> > this direction too. It makes things much easier to understand.
> > I have a design question related to lidf imports.
> >
> > Since v2.1 OpenLDAP enforces the single structural objectClass, which 
> > is mostly inherited from an abstract Objectclass. But I am puzzled by 
> > the auxiliary objectClasses.
> >
> > Do you agree that the scheme design on the ldap server, would not 
> > restrict to extend a person (structural) with a sambaAccount 
> > (auxiliary) objectClass.
> > This makes no sense to me. Should that not be restricted trough the 
> > schema design?
>
>
> This is purely my own feeling (philosophical :), but to me the way this 
> is makes perfect sense. I'm comparing it to, let's say, any any person 
> who happens to exist (structural) and needs a bank account (auxiliary); 
> he can give it up and take a post office account (also auxiliary). Or 
> even add a post office account to the bank account.
>
> Much worse, to my mind, is defining a second structural objectclass and 
> then finding you can't remove it again, when you regret having added it. 
> Maybe that's the same (philosophical) as saying "the man has now got a 
> hearing aid, I regret having given him it, I'd like him to hear properly 
> again without it".
>
> Or maybe that's not what you meant ;)

Maybe I should think about all these things more philosophically. You 
explained excactly what I was not sure about.
But Kurt wrote something about DIT Content Rules. They would restirct 
what I mentioned in my first mail. But since I have read your lines I am 
not happy anymore with that. ;-)

--
S.Egger