Hi,
I have always wondered about directories that have included objectClass top in every entry even though practically any usefull objectClass inherits from top eventually.
Apparantly RFC2256 5.1 requests this:
5.1. objectClass
The values of the objectClass attribute describe the kind of object which an entry represents. The objectClass attribute is present in every entry, with at least two values. One of the values is either "top" or "alias".
( 2.5.4.0 NAME 'objectClass' EQUALITY objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
It seems RFC4512 addresses the matter in:
A.3. Changes to RFC 2256
This document incorporates Sections 5.1, 5.2, 7.1, and 7.2 of RFC 2256.
Section 5.1 of RFC 2256 provided the definition of the 'objectClass' attribute type. This was integrated into Section 2.4.1 of this document. The statement "One of the values is either 'top' or 'alias'" was replaced with statement that one of the values is 'top' as entries belonging to 'alias' also belong to 'top'.
So this means objectClass top is still compulsory in every entry as in:
dn: cn=bar,dc=example,dc=com objectClass: top objectClass: alias objectClass: extensibleObject
which means somehting like the following would be illegal:
dn: cn=Hugo,dc=example,dc=com objectClass: person
Can anybody comment on the rationale why this is needed ?
I somehow completely fail to see the purpose.
Greetings Christian
openldap-technical@openldap.org