[LDAP-interop] eDirectory and nesting of OCs
Michael Ströder
michael at stroeder.com
Tue Aug 30 08:26:49 EDT 2005
Michael Ströder wrote:
> Peter Schober wrote:
>
>>on a public mailing list list about the groupware software
>>"open-xchange" (shortend to OX) came up this discussion about "nesting"
>>objects of certain objectclasses.
>>open-xchange, like many others, currently makes use of 'ou's below
>>e.g. 'inetOrgPerson's e.g. for storing personal contacts "below" the
>>person owning them. now people claim you cannot do this with Novell
>>eDirectory (nesting of arbitrary objectclasses).
>
>
> Yes, try a Google search for NDS containment rules.
Seems to be worth reading:
http://support.novell.com/techcenter/articles/dnd19990603.html#d12jjat
Also watch out for Novell-specific schema extension attribute
X-NDS_CONTAINMENT (see excerpts below grabbed from sub schema at
ldap://nldap.com). Maybe you can tweak that as eDirectory admin.
http://developer.novell.com/research/devnotes/2000/june/03/old/d0006032.htm
Ciao, Michael.
( 2.5.6.4
NAME 'organization'
SUP ( top $ ndsLoginProperties $ ndsContainerLoginProperties )
STRUCTURAL
MUST o
MAY ( [..] )
X-NDS_NAMING 'o'
X-NDS_CONTAINMENT ( 'top' 'treeRoot' 'country' 'locality' 'domain' )
X-NDS_NAME 'Organization'
X-NDS_NONREMOVABLE '1' )
( 2.5.6.5
NAME 'organizationalUnit'
SUP ( top $ ndsLoginProperties $ ndsContainerLoginProperties )
STRUCTURAL
MUST ou
MAY ( [..] )
X-NDS_NAMING 'ou'
X-NDS_CONTAINMENT ( 'organizationalUnit' 'locality'
'organization' 'domain' )
X-NDS_NAME 'Organizational Unit'
X-NDS_NONREMOVABLE '1' )
--
Michael Ströder
E-Mail: michael at stroeder.com
http://www.stroeder.com
_______________________________________________
LDAP-interop mailing list
LDAP-interop at fini.net
http://lists.fini.net/mailman/listinfo/ldap-interop
More information about the LDAP-interop
mailing list