Re: objectclass customization

Tim Howes (
Thu, 02 May 1996 17:44:52 -0700

Jim Garlick wrote:
> Hello,
> I hope this question is appropriate for the list...
> I suspect it boils down to my lack of understanding of LDAP and X.500 (sorry!)
> We are evaluating an IMAP mail client called Simeon from ESys Corp. and
> are bringing up an LDAP directory service based on slapd. When simeon
> looks for a person in the LDAP directory, it searches for a a `commonname'
> attribute. Slapd and some other LDAP references I have looked at want a
> `cn' attribute. Is one or the other a standard attribute that I should make
> available so a wide variety of (potentially off-site) LDAP clients can make
> sense of my data?
> The ESys guy I talked to today suggested I make `commonname' and alias to `cn',
> but I see that slapd doesn't support aliases. Should I just add a duplicate
> `commonname' attribute for every `cn' in my data?

No, you should be able to make slapd use "commonName" instead of "cn". Just
replace the entry in the file that looks like this:

attribute commonName cn cis

With an entry that looks like this:

attribute cn commonName cis

I think that might do the trick for you.

> Which brings me to another point. We would like our person objectclass to
> contain a lot more attributes than what is defined in slapd.oc.conf.
> I see umich has created a umichPerson objectclass. How does that mesh
> with the view an off-site client expects to get of the umich data? Does each
> person have both a person and umichPerson entry, or are they linked in some
> way?

Each person should have both a "person" and "yourSitePerson" object class
value. They should be linked better than they are in slapd, since the latter
is derived from the former, but we left it in the hands of the administrator
to make sure this was all consistent.

When an off-site client does a query for "objectclass=person" entries, it
will get your "objectclass=yourSitePerson" entries (since they also have
objectclass person). The client will know about the person attributes, but
maybe not the other ones you've defined. -- Tim