Hi Jean-Paul, I wouldn't change the ldapName fields from fixed-type value fields to fixed-type value set fields. It makes little difference for typical usage, for example, LDAP-NAME { "foo" | "bar" } rather than LDAP-NAME { "foo", "bar" } but value set notation allows other constructs that are difficult to convert to a list of names and some that can't be converted to a finite list of names, e.g., LDAP-NAME { PATTERN "foobar.*" } We need to convert to a finite list of names to create the equivalent schema operational attribute values. Regards, Steven On 27/01/2012 8:01 PM, Jean-Paul Lemaire wrote:
Hi, I agree that for object classes and attribute types, multiple ldap names should be supported. It Is also possible to modify the information object classes as follows: OBJECT-CLASS ::= CLASS { &Superclasses OBJECT-CLASS OPTIONAL, &kind ObjectClassKind DEFAULT structural, &MandatoryAttributes ATTRIBUTE OPTIONAL, &OptionalAttributes ATTRIBUTE OPTIONAL, &LdapName UTF8String OPTIONAL, &ldapDesc UTF8String OPTIONAL, &id OBJECT IDENTIFIER UNIQUE } WITH SYNTAX { [SUBCLASS OF&Superclasses] [KIND&kind] [MUST CONTAIN&MandatoryAttributes] [MAY CONTAIN&OptionalAttributes] [LDAP-NAME&LdapName] [LDAP-DESC&ldapDesc] ID&id } ATTRIBUTE ::= CLASS { &derivation ATTRIBUTE OPTIONAL, &Type OPTIONAL, -- either&Type or&derivation required &equality-match MATCHING-RULE OPTIONAL, &ordering-match MATCHING-RULE OPTIONAL, &substrings-match MATCHING-RULE OPTIONAL, &single-valued BOOLEAN DEFAULT FALSE, &collective BOOLEAN DEFAULT FALSE, &dummy BOOLEAN DEFAULT FALSE, -- operational extensions &no-user-modification BOOLEAN DEFAULT FALSE, &usage AttributeUsage DEFAULT userApplications, &ldapSyntax SYNTAX-NAME.&id OPTIONAL, &LdapName UTF8String OPTIONAL, &ldapDesc UTF8String OPTIONAL, &attributeDescription UTF8String OPTIONAL, &id OBJECT IDENTIFIER UNIQUE } WITH SYNTAX { [SUBTYPE OF&derivation] [WITH SYNTAX&Type] [EQUALITY MATCHING RULE&equality-match] [ORDERING MATCHING RULE&ordering-match] [SUBSTRINGS MATCHING RULE&substrings-match] [SINGLE VALUE&single-valued] [COLLECTIVE&collective] [DUMMY&dummy] [NO USER MODIFICATION&no-user-modification] [USAGE&usage] [LDAP-SYNTAX&ldapSyntax] [LDAP-NAME&LdapName] [LDAP-DESC&ldapDesc] [ATTRIBUTE DESCRIPTION&attributeDescription] ID&id } Jean-Paul. -----Message d'origine----- De : x500standard-bounce@xxxxxxxxxxxxx [mailto:x500standard-bounce@xxxxxxxxxxxxx] De la part de David Wilson Envoyé : vendredi 27 janvier 2012 09:05 À : x500standard@xxxxxxxxxxxxx Objet : [x500standard] Re: Object class defition On 27 Jan 2012, at 04:49, Steven Legg wrote:Hi Erik, Note that LDAP allows an object class to have multiple names. For consistency with ObjectClassDescription in both LDAP and X.500 the ldapName component should be: SEQUENCE SIZE(1..MAX) OF UTF8String OPTIONAL(The same applies to attribute type descriptions as well) David ----- www.x500standard.com: The central source for information on the X.500 Directory Standard. ----- www.x500standard.com: The central source for information on the X.500 Directory Standard.
----- www.x500standard.com: The central source for information on the X.500 Directory Standard.