On 07/29/2014 10:58 AM, Andreas Ladanyi wrote:
Am 28.07.2014 15:30, schrieb Petr Viktorin:
On 07/28/2014 03:08 PM, Andreas Ladanyi wrote:
Hi,
iam looking for the ldif file where i could find the objectclass
definition of ipaobject.
[...]
So the objectclass ipaobject seems to have one auxiliary attribute only
? Where could i find the rest of the objectclass definition ?
This is the complete definition; other attributes come from other
objectclasses.
The ipaUniqueID is required (MUST) for ipaObject. The objectclass
itself is AUXILIARY.
Here's the tutorial I learned LDAP concepts from, hope it helps:
http://www.zytrax.com/books/ldap/ch3/
Hi Petr,
thank you for your answer.
This is the complete definition; other attributes come from other
objectclasses.
Ok, but from which other objectclasses ?
That depends on the other objectclasses the entry has. ipaobject only
provides ipaUniqueID, but (since it's auxiliary), the entry must have at
least one other objectclass as well.
For example, a user will have something like:
dn: uid=admin,cn=users,cn=accounts,...
objectclass: top
objectclass: person
objectclass: posixaccount
objectclass: krbprincipalaux
objectclass: krbticketpolicyaux
objectclass: inetuser
objectclass: ipaobject
objectclass: ipasshuser
objectclass: ipaSshGroupOfPubKeys
a non-posix group will have:
dn: cn=ipausers,cn=groups,cn=accounts,...
objectclass: top
objectclass: groupofnames
objectclass: nestedgroup
objectclass: ipausergroup
objectclass: ipaobject
etc.
--
PetrĀ³
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
