Re: schema for NSS LDAP with not all accounts active

[Russell Coker <russell@coker.com.au>]

On Sunday 01 April 2001 07:06, Sami Haahtinen wrote:
> i don't know about standard but there is a schema for one. (i don't
> remember if it supported services directly but it could be implemented)
>
> the schema comes with directory manager (i can't remember the URL for it
> now check d-d archives) the schema was named trustAccount or something like
> that..
>
> or, you could use a filter like this:
>
> filter=(uid=*-pop)
>
> and add another uid for the account (uid: account-pop) this is ofcourse
> haxory but if you want (or are forced) to follow schemas this could be one
> solution.. ofcourse this filter=... has not been implemented yet, it's
> still a patch waiting to be compiled on my machine =)

The "gecos" and "description" fields that are in the posixAccount objectClass 
don't seem to be used for anything and they take text...

But really we need some decent new schemas for this.  Some time ago Wichert 
spoke to me about the possibility of getting an ISO number assigned to the 
Debian project.  Then we could design our own object class that derives from 
the posixAccount objectClass and has special attributes for these things and 
more.

Wichert, how do we proceed with this?

-- 
http://www.coker.com.au/bonnie++/     Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/       Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/     My home page