Hi there, I initially posted this to the OpenLDAP software list, as it touches upon the schema distributed with that software, and OpenLDAP happens to have been the LDAP server I am using but it's been pointed out that the issue is rather wider than an OpenLDAP one - hence posting, in slightly modified form here.
For those of you who are not familair with OpenLDAP's "supplied" schema to which this question relates, they are: corba.schema core.schema cosine.schema dyngroup.schema inetorgperson.schema java.schema misc.schema nis.schema openldap.schema ppolicy.schema but anyway, as to the actual question: In a basic (as in using the schemas that come with openldap) DIT where "real people" are mostly describeable via "subclasses" of inetOrgPerson objects top person organizationalPerson inetOrgPerson one can obviously place an email address against the mail attribute from the inetOrgPerson objectClass However, if one wishes to have an email address associated with a "organizationalRole" object top organizationalRole there would seem to be a need to append another objectClass that's not there "by default" in the supplied schema. (Notes: Yes, I appreciate that the ability to add/extend is once of the "nice things", that's not what I am asking. No, I do not want to follow the roleOccupant attribute to get the email from the inetOrgPerson/groupOfNames - the email here is tied to the role, not the occupant(s). ) In trawling the interweb thing looking for an answer I have seen many examples of institutions using an organizationalPerson objectClass when, clearly, the "object" is not a person - and this seems like a fudge to me - instead of an organizationalRole. Maybe my search skills have fallen into as much disrepair as my OpenLDAP ones, but it simply does not sound like something that only a few sites would have done and hidden from the world. Obviously, I can come up with a new objectClass that would do the job but would rather use a de facto "known good" if such exists. Any pointers ? Yours, seemingly, having believed I had overcome this before, no longer in the know, Kevin -- Kevin M. Buckley Room: CO327 School of Engineering and Phone: +64 4 463 5971 Computer Science Victoria University of Wellington New Zealand
