HI!
Looking at section 4.1.7.2. "Name Forms" in http://www.ietf.org/rfc/rfc4512.txt it's not really clear to me whether more than one name form may be associated with the same structural object class. I think it's possible (and I've implemented it that way in web2ldap) but the server I'm currently testing with disallows it.
Ciao, Michael.
Michael Ströder wrote:
HI!
Looking at section 4.1.7.2. "Name Forms" in http://www.ietf.org/rfc/rfc4512.txt it's not really clear to me whether more than one name form may be associated with the same structural object class. I think it's possible (and I've implemented it that way in web2ldap) but the server I'm currently testing with disallows it.
Ciao, Michael.
See X.501 section 12.6.2 Name Form Definition:
If different sets of naming attributes are required for entries of a given structural object class, then a name form must be specified for each distinct set of attributes to be used for naming.
Hi Michael,
Michael Ströder wrote:
HI!
Looking at section 4.1.7.2. "Name Forms" in http://www.ietf.org/rfc/rfc4512.txt it's not really clear to me whether more than one name form may be associated with the same structural object class. I think it's possible (and I've implemented it that way in web2ldap) but the server I'm currently testing with disallows it.
X.500 seems to allow it. Consider X.501:2005, Clause 13.7.2:
"If different sets of naming attributes are required for entries of a given structural object class, then a name form shall be specified for each distinct set of attributes to be used for naming."
Our server also allows it, though we impose restrictions so that there is always only one possible name form that could apply to any given combination of RDN and structural object class.
Regards, Steven
Ciao, Michael.
HI!
Thanks Steven and Howard for pointing out the relevant part in X.501.
Steven Legg wrote:
Michael Ströder wrote:
Looking at section 4.1.7.2. "Name Forms" in http://www.ietf.org/rfc/rfc4512.txt it's not really clear to me whether more than one name form may be associated with the same structural object class. I think it's possible (and I've implemented it that way in web2ldap) but the server I'm currently testing with disallows it.
X.500 seems to allow it. Consider X.501:2005, Clause 13.7.2:
"If different sets of naming attributes are required for entries of a given structural object class, then a name form shall be specified for each distinct set of attributes to be used for naming."Our server also allows it, though we impose restrictions so that there is always only one possible name form that could apply to any given combination of RDN and structural object class.
Hmm, it would be interesting to test this whole stuff against different LDAP server implementations supporting DIT structure rules and name forms (and publishing these schema elements in subschema subentry).
Ciao, Michael.
eDirectory allows (and enforces) multiple naming attributes and expresses it in the schema similar to: X-NDS_NAMING ( 'cn' 'ou' 'uid' )
-jim
On Tue, Jul 1, 2008 at 6:44 AM, Michael Ströder michael@stroeder.com wrote:
HI!
Thanks Steven and Howard for pointing out the relevant part in X.501.
Steven Legg wrote:
Michael Ströder wrote:
Looking at section 4.1.7.2. "Name Forms" in http://www.ietf.org/rfc/rfc4512.txt it's not really clear to me whether more than one name form may be associated with the same structural object class. I think it's possible (and I've implemented it that way in web2ldap) but the server I'm currently testing with disallows it.
X.500 seems to allow it. Consider X.501:2005, Clause 13.7.2:
"If different sets of naming attributes are required for entries of a given structural object class, then a name form shall be specified for each distinct set of attributes to be used for naming."
Our server also allows it, though we impose restrictions so that there is always only one possible name form that could apply to any given combination of RDN and structural object class.
Hmm, it would be interesting to test this whole stuff against different LDAP server implementations supporting DIT structure rules and name forms (and publishing these schema elements in subschema subentry).
Ciao, Michael.
-- Michael Ströder E-Mail: michael@stroeder.com http://www.stroeder.com
Jim Willeke wrote:
eDirectory allows (and enforces) multiple naming attributes and expresses it in the schema similar to: X-NDS_NAMING ( 'cn' 'ou' 'uid' )
Jim, thanks for this information.
But unfortunately this has nothing to do with what LDAPv3 defines in RFC 4512. And the syntax for listing several items is also not compliant to what's common in LDAPv3 schema declarations => I won't support this proprietary extensions in web2ldap.
Ciao, Michael.
-
Howard Chu -
Jim Willeke -
Michael Ströder -
Steven Legg