Novell Doc: NDK: Novell eDirectory Schema Reference

LDAP Name

inetOrgPerson

ASN.1 ID

2.16.840.1.113730.3.2.2

Class Flags

Class Flags	Setting
Container	Off
Effective	On
Nonremovable	Off
Ambiguous Naming	Off
Ambiguous Container	Off
Auxiliary Class	Off

Class Structure

Rule	Class/Attribute	Defined For
Super Classes	Top ndsLoginProperties Person Organizational Person	ndsLoginProperties Person Organizational Person inetOrgPerson
Containment	Country domain Locality Organization Organizational Unit	inetOrgPerson inetOrgPerson inetOrgPerson inetOrgPerson inetOrgPerson
Named By	CN (Common Name) uniqueID Given Name Internet EMail Address Surname	inetOrgPerson inetOrgPerson inetOrgPerson inetOrgPerson inetOrgPerson

Rule

Class/Attribute

Defined For

Super Classes

Top

ndsLoginProperties

Person

Organizational Person

ndsLoginProperties

Person

Organizational Person

inetOrgPerson

Containment

inetOrgPerson

Named By

CN (Common Name)

uniqueID

Given Name

Internet EMail Address

Surname

inetOrgPerson

Mandatory Attributes

inetOrgPerson	Inherited from Top	Inherited from Person
	Object Class	CN (Common Name) Surname

inetOrgPerson

Inherited from Top

Inherited from Person

Object Class

CN (Common Name)

Surname

Optional Attributes

inetOrgPerson
audio businessCategory carLicense departmentNumber displayName employeeType Given Name homePhone homePostalAddress Initials Internet EMail Address jpegPhoto labeledUri	ldapPhoto manager mobile NSCP:employeeNumber pager preferredLanguage roomNumber secretary uniqueID userCertificate userSMIMECertificate x500UniqueIdentifier

Inherited from Top
ACL Audit:File Link Authority Revocation Back Link Bindery Property CA Private Key CA Public Key Certificate Revocation Certificate Validity Interval Cross Certificate Pair Equivalent To Me	GUID Last Referenced Time masvAuthorizedRange masvDefaultRange masvProposedLabel Obituary Other GUID Reference Revision Used By

Inherited from ndsLoginProperties
Account Balance Allow Unlimited Credit Group Membership Higher Privileges Language Last Login Time Locked By Intruder Login Allowed Time Map Login Disabled Login Expiration Time Login Grace Limit Login Grace Remaining Login Intruder Address Login Intruder Attempts Login Intruder Reset Time Login Maximum Simultaneous Login Script Login Time	Minimum Account Balance Network Address Network Address Restriction Password Allow Change Password Expiration Interval Password Expiration Time Password Minimum Length Password Required Password Unique Required Passwords Used Private Key Profile Profile Membership Public Key Security Equals Security Flags Server Holds Timezone

Inherited from Person
Description Full Name Generational Qualifier Given Name	Initials See Also Telephone Number

Inherited from Organizational Person
destinationIndicator EMail Address Facsimile Telephone Number internationaliSDNNumber L (Locality Name) Mailbox ID Mailbox Location OU (Organizational Unit Name) Physical Delivery Office Name Postal Address	Postal Code Postal Office Box preferredDeliveryMethod registeredAddress S (State or Province Name) SA (Street Address) telexNumber telexTerminalIdentifier Title x121Address

Default ACL Template

Object Name	Default Rights	Affected Attributes	Class Defined For
[Creator]	Supervisor	[Entry Rights]	Top

Remarks

For help in understanding the class definition template, see Reading Class Definitions.

This is an optional class that is not installed automatically with the LDAP server. The administrator must use the nwconfig.nlm to execute the Sys:system\schema\iperson.sch file. The administrator must then manually reconfigure the LDAP mapping so that inetOrgPerson points to inetOrgPerson rather than to User.

The User class can be modified to support the additional inetOrgPerson attributes by executing the nov_inet.sch file. This is the preferred method because most eDirectory applications assume that User is the only class used to define user-type objects in the tree.