HI All
I want a list of valid attributes for specific objectClass e.g.
I have a user abc with the dn of this user is
cn=Abc User,ou=accounts,dc=mydom,dc=com
the abc user has these object classes
posixAccount shadowAccount OrginizatinalPerson yubikeyUser
now I want to get the valid schema attribute of yubikeyUser for only the above mentioned user.
Is this possible?
Umar
phpldapadmin seems to do this when adding new attributes to an existing entry (will only list the attributes valid for the objectclasses the entry contains). You might want to check the source to see how they do it.
On Tue, Feb 18, 2014 at 2:43 PM, Umar Draz unix.co@gmail.com wrote:
HI All
I want a list of valid attributes for specific objectClass e.g.
I have a user abc with the dn of this user is
cn=Abc User,ou=accounts,dc=mydom,dc=com
the abc user has these object classes
posixAccount shadowAccount OrginizatinalPerson yubikeyUser
now I want to get the valid schema attribute of yubikeyUser for only the above mentioned user.
Is this possible?
Umar
Umar Draz unix.co@gmail.com schrieb am 18.02.2014 um 20:43 in Nachricht
CAAKRE73BE3w2ocwrpiADBzA7COMPJ0FQ_EBPLnpNLfU7gxuAUQ@mail.gmail.com:
HI All
I want a list of valid attributes for specific objectClass e.g.
In Perl, you could use $schema->may($oc) to get the optionaly attributes for object class $oc ($schema->must($oc) gets the mandatory attributes). You get the schema for the object class $oc with $schema->objectclass($oc), while you get the schema itself with $schema = $ldap->schema() wher $ldap is the LDAP connection object. The ldap connection object is created by Net::LDAP->new($host).
I have a user abc with the dn of this user is
cn=Abc User,ou=accounts,dc=mydom,dc=com
the abc user has these object classes
posixAccount shadowAccount OrginizatinalPerson yubikeyUser
now I want to get the valid schema attribute of yubikeyUser for only the above mentioned user.
You would get the objectClass attribute first, collecting the objectclasses, the you unite the MUST and MAY attributes you get as described above. Basically the schema is based on classes, not on objects, but you can derive the classes from the objects.
Is this possible?
I'd say: Yes.
Umar
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 02/18/2014 08:43 PM, Umar Draz wrote:
HI All
I want a list of valid attributes for specific objectClass e.g.
I have a user abc with the dn of this user is
cn=Abc User,ou=accounts,dc=mydom,dc=com
the abc user has these object classes
posixAccount shadowAccount OrginizatinalPerson yubikeyUser
now I want to get the valid schema attribute of yubikeyUser for only the above mentioned user.
Is this possible?
Umar
I used to do this against older OpenLDAP servers: ldapsearch -x -s base -H <URI-TO-HOST> -D <ADMIN-DN> -W \ -b "cn=subschema" -LLL objectClasses this gave me a list of all object classes with their MAY and MUST
It does not seem to work against newer systems... but haven't investigated.
Dennis
- -- ICT Medewerker Divisie Biomedische Genetica UMC Utrecht Heidelberglaan 100 STR2.126 3584 CX Utrecht The Netherlands 06 27744048 intern: 64048
------------------------------------------------------------------------------
De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht onterecht ontvangt, wordt u verzocht de inhoud niet te gebruiken en de afzender direct te informeren door het bericht te retourneren. Het Universitair Medisch Centrum Utrecht is een publiekrechtelijke rechtspersoon in de zin van de W.H.W. (Wet Hoger Onderwijs en Wetenschappelijk Onderzoek) en staat geregistreerd bij de Kamer van Koophandel voor Midden-Nederland onder nr. 30244197.
Denk s.v.p aan het milieu voor u deze e-mail afdrukt.
------------------------------------------------------------------------------
This message may contain confidential information and is intended exclusively for the addressee. If you receive this message unintentionally, please do not use the contents but notify the sender immediately by return e-mail. University Medical Center Utrecht is a legal person by public law and is registered at the Chamber of Commerce for Midden-Nederland under no. 30244197.
Please consider the environment before printing this e-mail.
openldap-technical@openldap.org
-
Dennis Leeuw -
Michael Proto -
Ulrich Windl -
Umar Draz