From owner-freebsd-questions@FreeBSD.ORG  Tue Apr 29 10:51:44 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 29EA7106564A
	for <freebsd-questions@freebsd.org>;
	Tue, 29 Apr 2008 10:51:44 +0000 (UTC)
	(envelope-from jonc@chen.org.nz)
Received: from chen.org.nz (chen.org.nz [202.89.146.5])
	by mx1.freebsd.org (Postfix) with ESMTP id C38898FC1E
	for <freebsd-questions@freebsd.org>;
	Tue, 29 Apr 2008 10:51:43 +0000 (UTC)
	(envelope-from jonc@chen.org.nz)
Received: by chen.org.nz (Postfix, from userid 1000)
	id ABEDE2840C; Tue, 29 Apr 2008 22:51:42 +1200 (NZST)
Date: Tue, 29 Apr 2008 22:51:42 +1200
From: Jonathan Chen <jonc@chen.org.nz>
To: "O. Hartmann" <ohartman@zedat.fu-berlin.de>
Message-ID: <20080429105142.GA69915@osiris.chen.org.nz>
References: <4816F370.6070706@zedat.fu-berlin.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <4816F370.6070706@zedat.fu-berlin.de>
User-Agent: Mutt/1.4.2.3i
Cc: freebsd-questions@freebsd.org
Subject: Re: OpenLDAP/FreeBSD: How to implement attribute HOST without
	STRUCTURAL account?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Apr 2008 10:51:44 -0000

On Tue, Apr 29, 2008 at 10:07:44AM +0000, O. Hartmann wrote:
> Hello out there,
> my question may sound a bit weird, but the situation is as follows:
> 
> I use OpenLDAP 2.4 for authetication purposes within our lab's net and 
> every user's account is of the objectclass 'posixAccount'. As we know, 
> this class does not contain the attribute 'host', which belongs to 
> structural class 'account' and both posixAccount and account  are of 
> type structural and therefore can not be mixed.

Is there really such a rule? There's an of examples in
O'Reilly's "LDAP System Administration" that has a mixed
"account" + "posixAccount" objectClasses for a node to implement
the situation of: One User and a Group of Hosts.
-- 
Jonathan Chen <jonc@chen.org.nz>
----------------------------------------------------------------------
                                                 Vini, vidi, velcro...
                                         I came, I saw, I stuck around