[Fedora-directory-users] Wishlist
Jeff Clowser
jclowser at unitedmessaging.com
Fri Aug 26 15:12:59 UTC 2005
Rich Megginson wrote:
> Jeff Clowser wrote:
>
>> suppose that might be more clearly stated in the X.501 spec?).
>> Sounds like I am stepping into an LDAP/X.50x holy war :)
>
> I'm sure the folks on the ldap umich list will be happy to provide
> their interpretations :-)
Heh :)
> I propose the creation of a new objectclass that will be AUXILIARY and
> also be a subclass of posixAccount. This objectclass will contain the
> "host" attribute (other attributes?). In order to make host based
> access restriction work, you would simply add this objectclass and
> host attribute to any existing user, even if they already have the
> posixAccount objectclass. I'm not sure what a good name for this
> objectclass would be - perhaps posixAccountExt or ??? At any rate,
> applications that use the search filter (objectclass=posixAccount) to
> get entries that contain the host attribute would continue to work.
> This would simplify new account creation because you could just use
> the new objectclass instead of posixAccount and it would inherit all
> of the posixAccount attributes.
>
Are you proposing this simply as "lets all agree on this list on
something", as "a schema extension that comes with FDS", or as a new
standard oc, with properly registered OIDs and all? If a new standard
oc, how hard is it to do that - not something I've ever done. I would
like the third mainly because it makes it easier for for
interoperability, but I can live with either of the other two. Would
make sense to discuss if there are other attributes to add while we're
at it.
- Jeff
More information about the Fedora-directory-users
mailing list