Andrew Bartlett wrote:
I'm not quite sure what I'm looking for here, sorry:
I'm not quite sure if I correctly understood what you're trying to do because I don't have access to all relevant schema definitions.
In using OpenLDAP, I'm hoping to avoid having to write that logic, so I stopped adding extensibleObject to all our objectClass values, and replaced it with samba4Top, containing all the things that AD's top contains, but OpenLDAP's does not.
Could you please post definition of 'samba4Top'?
So far so good, but AD has:
dn: CN=Domain-DNS,${SCHEMADN}
objectClass: top
objectClass: classSchema
subClassOf: domain
systemAuxiliaryClass: samDomain
This is the AD-specific schema entry which gets converted to a DIT content rule in the LDAPv3-compliant subschema subentry. Yes?
Looking at http://www.grotan.com/ldap/microsoft.ext.schema
I created entries in my schema file like:
dITContentRule ( 1.2.840.113556.1.5.67 NAME 'domainDNS' AUX ( samDomain ) )
dITContentRule ( 1.2.840.113556.1.5.3 NAME 'samDomain' AUX ( samDomainBase ) )
This created two problems: It appears that you cannot create a ditContentRule for a non-structural objectClass
Yes, see section 4.1.6. of RFC 4512. You should try not to violate this because it leads to interop problems with LDAPv3 compliant implementations. (My web2ldap obeys DIT content rules governing STRUCTURAL object classes when showing select lists for choosing object classes when modifying an entry.)
(samDomain is AUXILIARY), and even if I do, I can't tack on the samba4Top on the end, because of:
How are 'domainDNS' and 'samDomain' defined? Is 'domainDNS' STRUCTURAL?
Just some wild guess since I don't have everything needed at hand: How about defining 'samba4Top' as ABSTRACT object class and derive 'samDomain' as AUXILIARY from it?
Ciao, Michael.
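Added example, not part of the original thread and not code from OpenLDAP, Samba or web2ldap: a small checker for the RFC 4512 section 4.1.6 constraint discussed above, that a DIT content rule's OID must identify a STRUCTURAL object class and that its AUX list may name only AUXILIARY classes. The two rules and their OIDs are from the thread; the object class definitions are constructed, with 'domainDNS' assumed STRUCTURAL and 'samDomainBase' assumed AUXILIARY under a placeholder OID.

```python
import re

# Constructed object class definitions (assumptions, see lead-in).
# samDomain is AUXILIARY as stated in the thread.
OBJECT_CLASSES = [
    "( 1.2.840.113556.1.5.67 NAME 'domainDNS' SUP top STRUCTURAL )",
    "( 1.2.840.113556.1.5.3 NAME 'samDomain' SUP top AUXILIARY )",
    "( 1.1.2.2.1 NAME 'samDomainBase' SUP top AUXILIARY )",  # placeholder OID
]
# The two rules quoted in the thread.
CONTENT_RULES = [
    "dITContentRule ( 1.2.840.113556.1.5.67 NAME 'domainDNS' AUX ( samDomain ) )",
    "dITContentRule ( 1.2.840.113556.1.5.3 NAME 'samDomain' AUX ( samDomainBase ) )",
]

def _oid_and_name(defn):
    oid = re.search(r"\(\s*([\d.]+)", defn).group(1)
    name = re.search(r"NAME\s+'([^']+)'", defn).group(1)
    return oid, name

def parse_class(defn):
    """Return (oid, name, kind) for an object class description."""
    oid, name = _oid_and_name(defn)
    bare = re.sub(r"'[^']*'", "", defn)  # ignore keywords inside quoted strings
    kind = re.search(r"\b(ABSTRACT|STRUCTURAL|AUXILIARY)\b", bare)
    # RFC 4512: the kind defaults to STRUCTURAL when omitted.
    return oid, name, kind.group(1) if kind else "STRUCTURAL"

def parse_rule(defn):
    """Return (oid, name, aux_names) for a DIT content rule description."""
    oid, name = _oid_and_name(defn)
    aux = re.search(r"\bAUX\s+(?:\(\s*([^)]*)\)|(\S+))", defn)
    raw = (aux.group(1) or aux.group(2)) if aux else ""
    return oid, name, [a for a in re.split(r"[\s$]+", raw) if a]

def check_rules(object_classes, rules):
    """Return (rule_name, problem) pairs for rules violating section 4.1.6."""
    by_oid, by_name = {}, {}
    for defn in object_classes:
        oid, name, kind = parse_class(defn)
        by_oid[oid] = by_name[name.lower()] = kind
    findings = []
    for defn in rules:
        oid, name, aux = parse_rule(defn)
        kind = by_oid.get(oid, "unknown")
        if kind != "STRUCTURAL":
            findings.append((name, f"rule OID names a {kind} class, not STRUCTURAL"))
        for a in aux:
            if by_name.get(a.lower()) != "AUXILIARY":
                findings.append((name, f"AUX member '{a}' is not AUXILIARY"))
    return findings
```

Under these assumed definitions, only the 'samDomain' rule is flagged, because its OID identifies an AUXILIARY class.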