On Sun, 2012-03-18 at 13:59 +0100, Marco Pizzoli wrote: > Hi Simo, > > On Sat, Mar 17, 2012 at 7:16 PM, Simo Sorce <[email protected]> wrote: > On Sat, 2012-03-17 at 11:12 +0100, Marco Pizzoli wrote: > > Hi guys, > > > > I extended my set of LDAP objectClasses associated to users > by adding > > my new objectClass to my cn=ipaConfig LDAP entry, the > > ipaUserObjectClasses attribute. > > Then, I created a new user with the web ui and I see the new > > objectClass associated with that user, but as structural > instead of > > auxiliary. I don't know why, could you help me? > > > > Same thing happened for my groups. I added 3 objectClasses > and now I > > see all of them as structural. I would understand an answer: > all > > objectClasses eventually result as structural, but so why, > for > > example, the ipaObject is still an auxiliary objectClass? > > > The objectClass type depends on the schema. It is not > something that > changes after you assign it to an object. > > Yes, your answer surely does make sense. > > My question was triggered by the fact that, AFAICS, not all > objectClasses are structural as well. > In fact I can see that, for my group object, the objectClass > "ipaobject" has been defined as auxiliary, while others structural. > For users, I see that *only my objectClass* is defined as structural. > All others as auxiliary. > > In attachment you can see 2 images that immediately represent what I'm > trying to explain. > > If this was the intended behaviour, I would be really interested in > knowing what is the rationale behind this. > Only curiousity, as usual :-)
Objectclasses have no structureal/auxiliary "attribute" in an object, it's your ldap browser that is returning the labeling by (I guess ) searching the schema. I guess your object is getting it wrong, or the schema you defined in 389ds has these classes marked structural. > search the schema with your browser and see how it identify these classes ? I see you also opened a bug, but it makes little sense to me. I will close it as invalid for now, unless there is evidence 389ds returns the wrong type from the schema tree. Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
