Require object classes in an OU - openldap-technical - openldap.org

List overview All Threads
Download

Require object classes in an OU

Syncrepl doesn't delete entries?

mirrormode replication issues

Troy Knabe

27 Mar 2009 27 Mar '09

1:46 p.m.

We have a custom schema and we would like to require that all entries in ou=Group have that objectClass in order to be added. Can someone point me in the direction that I should be looking?

Thanks -Troy

Reply

Show replies by date

Howard Chu

29 Mar 29 Mar

8:55 a.m.

Troy Knabe wrote:

We have a custom schema and we would like to require that all entries in ou=Group have that objectClass in order to be added. Can someone point me in the direction that I should be looking?

Usually requirements like this are handled by X.500 DIT Structure Rules but we don't yet support them in OpenLDAP. Instead, use a recent 2.4 release and look at AddContentACLs - only give write permission for Adds if the correct value is present in the objectclass attribute.

-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

Reply

5951

Age (days ago)

5953

Last active (days ago)

openldap-technical@openldap.org

1 comments

2 participants

tags (0)

participants (2)

Howard Chu
Troy Knabe