[x500standard] Re: Object class defition

  • From: Steven Legg <steven.legg@xxxxxxxxxxxxxxxxxx>
  • To: x500standard@xxxxxxxxxxxxx
  • Date: Mon, 30 Jan 2012 12:30:06 +1100


Hi Jean-Paul,

I wouldn't change the ldapName fields from fixed-type value fields
to fixed-type value set fields. It makes little difference for
typical usage, for example,

    LDAP-NAME { "foo" | "bar" }

rather than

    LDAP-NAME { "foo", "bar" }

but value set notation allows other constructs that are difficult
to convert to a list of names and some that can't be converted to a
finite list of names, e.g.,

    LDAP-NAME { PATTERN "foobar.*" }

We need to convert to a finite list of names to create the equivalent
schema operational attribute values.

Regards,
Steven

On 27/01/2012 8:01 PM, Jean-Paul Lemaire wrote:

Hi,

I agree that for object classes and attribute types, multiple ldap names
should be supported. It Is also possible to modify the information object
classes as follows:

OBJECT-CLASS ::= CLASS {
   &Superclasses         OBJECT-CLASS OPTIONAL,
   &kind                 ObjectClassKind DEFAULT structural,
   &MandatoryAttributes  ATTRIBUTE OPTIONAL,
   &OptionalAttributes   ATTRIBUTE OPTIONAL,
   &LdapName             UTF8String OPTIONAL,
   &ldapDesc             UTF8String OPTIONAL,
   &id                   OBJECT IDENTIFIER UNIQUE }
WITH SYNTAX {
   [SUBCLASS OF&Superclasses]
   [KIND&kind]
   [MUST CONTAIN&MandatoryAttributes]
   [MAY CONTAIN&OptionalAttributes]
   [LDAP-NAME&LdapName]
   [LDAP-DESC&ldapDesc]
   ID&id }

ATTRIBUTE ::= CLASS {
   &derivation               ATTRIBUTE OPTIONAL,
   &Type                     OPTIONAL, -- either&Type or&derivation
required
   &equality-match           MATCHING-RULE OPTIONAL,
   &ordering-match           MATCHING-RULE OPTIONAL,
   &substrings-match         MATCHING-RULE OPTIONAL,
   &single-valued            BOOLEAN DEFAULT FALSE,
   &collective               BOOLEAN DEFAULT FALSE,
   &dummy                    BOOLEAN DEFAULT FALSE,
   -- operational extensions
   &no-user-modification     BOOLEAN DEFAULT FALSE,
   &usage                    AttributeUsage DEFAULT userApplications,
   &ldapSyntax               SYNTAX-NAME.&id OPTIONAL,
   &LdapName                 UTF8String OPTIONAL,
   &ldapDesc                 UTF8String OPTIONAL,
   &attributeDescription     UTF8String OPTIONAL,
   &id                       OBJECT IDENTIFIER UNIQUE }
WITH SYNTAX {
   [SUBTYPE OF&derivation]
   [WITH SYNTAX&Type]
   [EQUALITY MATCHING RULE&equality-match]
   [ORDERING MATCHING RULE&ordering-match]
   [SUBSTRINGS MATCHING RULE&substrings-match]
   [SINGLE VALUE&single-valued]
   [COLLECTIVE&collective]
   [DUMMY&dummy]
   [NO USER MODIFICATION&no-user-modification]
   [USAGE&usage]
   [LDAP-SYNTAX&ldapSyntax]
   [LDAP-NAME&LdapName]
   [LDAP-DESC&ldapDesc]
   [ATTRIBUTE DESCRIPTION&attributeDescription]
   ID&id }

Jean-Paul.
-----Message d'origine-----
De : x500standard-bounce@xxxxxxxxxxxxx
[mailto:x500standard-bounce@xxxxxxxxxxxxx] De la part de David Wilson
Envoyé : vendredi 27 janvier 2012 09:05
À : x500standard@xxxxxxxxxxxxx
Objet : [x500standard] Re: Object class defition


On 27 Jan 2012, at 04:49, Steven Legg wrote:



Hi Erik,

Note that LDAP allows an object class to have multiple names.
For consistency with ObjectClassDescription in both LDAP and
X.500 the ldapName component should be:

    SEQUENCE SIZE(1..MAX) OF UTF8String OPTIONAL



(The same applies to attribute type descriptions as well)

David
-----
www.x500standard.com: The central source for information on the X.500
Directory Standard.

-----
www.x500standard.com: The central source for information on the X.500 Directory 
Standard.



-----
www.x500standard.com: The central source for information on the X.500 Directory 
Standard.

Other related posts:

  1. Home
  2. x500standard
  3. Archive
  4. 01-2012