On 1/8/20 7:07 PM, Quanah Gibson-Mount wrote:
--On Wednesday, January 8, 2020 3:25 PM +0000 Markus.Storm@t-systems.com wrote:
is there a way to disable OpenLDAP checking entries for existence of STRUCTURAL objectclasses?
No. This is a hard requirement. The best option would be to fix the bad data in your upstream system.
One possibility to fix this: Define a new STRUCTURAL object class derived from different other STRUCTURAL object classes.
E.g. in Æ-DIR I'm using this to provide hybrid posixGroup entries serving RFC 2307 and RFC 2307bis groups:
( 1.3.6.1.4.1.5427.1.389.100.6.1 NAME 'aeGroup' DESC 'AE-DIR: Group entry' SUP ( groupOfEntries $ posixGroup $ groupOfURLs $ aeObject ) STRUCTURAL MUST description MAY ( aeMemberZone $ aeDept $ aeLocation ) )
This works because unlike other LDAP directory servers OpenLDAP supports multiple class inheritance.
Ciao, Michael.