[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Why is the difference of "objectclass: organization" and "objectclass: domain"?



On Wed, 24 Nov 2004, Tay, Gary wrote:

> dn: dc=example,dc=com
> objectclass: top
> # For RedHat use the next line
> #objectclass: organization
> # For Solaris use the next line
> objectclass: domain
> objectClass: nisDomainObject
> nisDomain: example.com
> objectclass: dcObject
> o: Example Companies
> dc: example
> 
> Anyone bother to explain why it is so? Why is the difference of
> "objectclass: organization" and "objectclass: domain"?

I have no idea (I assume you wanted an answer from me, since it was sent 
to me as well as the list).

I think you're supposed to have both "domain" and "dcObject" classes if 
you're using the "dc" attribute; "dcObject" is an auxiliary class that has 
"dc" as a MUST (both are in core.schema), and it's mixed in with "domain" 
(in cosine.schema) which is a structural class that also has it as a MUST 
(along with a bunch of MAY stuff).  At least, that's the assumption made 
by my checker script, and both 2.1 and 2.2 were happy with it...

I have no idea why RedHat wants "organization" or why Solaris wants 
"nisDomainObject" (I don't use either of them) but my guess is that both 
suppliers have seen fit to amend the schema in some way.  Note in 
particular that Solaris has its own version of LDAP, and that RedHat 
distributions are invariably broken in some way.

-- 
Dave Horsfall  DTM  VK2KFU  daveh@ci.com.au  Ph: +61 2 8425-5508 (d) -5500 (sw)
Corinthian Engineering, Level 1, 401 Pacific Hwy, Artarmon, NSW 2064, Australia