OK, not about "LDAP" but similar. I couldn't find an appropriate microsoft group, and I'm sure folks here are familiar with this.
I've extended the AD schema. <http://technet2.microsoft.com/windowsserver/en/library/e3525d00-a746-4466-bb87-140acb44a6031033.mspx?mfr=true> says that In Windows Server 2003, auxiliary classes can be assigned dynamically to individual instances of classes, rather than being applied automatically to all instances. For example, you can assign the pager auxiliary class to only those users who need it. i don't know what an "individual instance" of a class is but from that doc it seems to mean the equivalent of a DSE. that says to me that i can use the familiar syntax dn: cn=username,cn=users,... changetype: modify add: myClass objectClass: myClass - add: myAttribute myAttribute: myValue ... to add attributes specific to my new objectclass to any particular DSE. however when i attempt this i get an error. what i've found i had to do is to add auxiliaryClass: myClass to cn=users,cn=schema,... (from examples found online). fine, although not what i expected. now my real problem/question is that when i do try to add my attributes to a user entry, i am NOT ALLOWED to add the objectClass to their DSE. i can however go ahead and add the attributes present in my new objectclass. this sucks because - when you do a search the results are not consistent with an LDAP search where you expect that for every attribute present in a DSE, there will be an objectClass attribute which allows/requires that attribute - migration to/from openLDAP is difficult any insight, or references to other resources, are most appreciated. -frank --- You are currently subscribed to [email protected] as: [EMAIL PROTECTED] To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the SUBJECT of the message.
