Troy Knabe wrote:
We have a custom schema and we would like to require that all
in ou=Group have that objectClass in order to be added. Can someone
point me in the direction that I should be looking?
Usually requirements like this are handled by X.500 DIT Structure Rules but we
don't yet support them in OpenLDAP. Instead, use a recent 2.4 release and look
at AddContentACLs - only give write permission for Adds if the correct value
is present in the objectclass attribute.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/