replaced and deprecated attribute in schema

Mon Sep 14 09:27:21 MDT 2009

On 09/14/2009 05:12 PM, Andrew Bartlett wrote:
> On Sun, 2009-09-13 at 14:08 +0400, Matthieu Patou wrote:
>    
>> Hi andrew,
>>
>> While doing stuff on the upgradeprovision script I found some attributes
>> that disappear or that are changed:
>>
>> prefixMap
>>      
For this it's quite difficult to say as the content is in binary format 
... but as my previous provision was lacking lots of new attributes and 
class this seems quite logical ... to be updated (example of 
attributeID: 1.3.6.1.1.1.1.24)
>> defaultSecurityDescriptor
>>      
Default security descriptor for 
CN=User,CN=Schema,CN=Configuration,DC=smb4,DC=tst has changed
Default security descriptor for 
CN=Domain-DNS,CN=Schema,CN=Configuration,DC=smb4,DC=tst has changed
Default security descriptor for 
CN=Sam-Domain,CN=Schema,CN=Configuration,DC=smb4,DC=tst has changed

>> mayContain
>>      
Example of change:
dn= CN=Mail-Recipient,CN=Schema,CN=Configuration,DC=smb4,DC=tst
old 0 : userSMIMECertificate
old 0 : secretary
old 0 : msExchLabeledURI
old 0 : msExchAssistantName
old 0 : labeledURI
new 0 : msDS-PhoneticDisplayName
new 0 : userSMIMECertificate
new 0 : secretary
new 0 : msExchLabeledURI
new 0 : msExchAssistantName
new 0 : labeledURI

userSMIMECertificate was added ...

>> systemFlags
>>      
Modified
dn= CN=User-SMIME-Certificate,CN=Schema,CN=Configuration,DC=smb4,DC=tst
old 0 : 0
new 0 : 16
or removed:
dn= CN=departmentNumber,CN=Schema,CN=Configuration,DC=smb4,DC=tst
old 0 : 0

>> searchFlags
>>      
dn= CN=msNPAllowDialin,CN=Schema,CN=Configuration,DC=smb4,DC=tst searchFlags
old 0 : 0
new 0 : 16

>> systemMayContain
>>      
dn= CN=ms-DS-Az-Scope,CN=Schema,CN=Configuration,DC=smb4,DC=tst
old 0 : msDS-AzApplicationData
old 0 : description
new 0 : msDS-AzGenericData
new 0 : msDS-AzObjectGuid
new 0 : msDS-AzApplicationData
new 0 : description

>> systemOnly
>>      
Only 1 change like this
dn= CN=Schema-Flags-Ex,CN=Schema,CN=Configuration,DC=smb4,DC=tst
old 0 : FALSE
new 0 : TRUE

>> defaultObjectCategory
>>      
>    
Only 1 change like this
dn= CN=Samba4-Local-Domain,CN=Schema,CN=Configuration,DC=smb4,DC=tst
old 0 : CN=Builtin-Domain,CN=Schema,CN=Configuration,DC=smb4,DC=tst
new 0 : CN=Samba4-Local-Domain,CN=Schema,CN=Configuration,DC=smb4,DC=tst
> What changes here?
>
>    
>> possibleInferiors
>>      
> This is now calculated at runtime.
>
>    
>> rangeUpper
>>      
Only 1 change like this.
dn= CN=Title,CN=Schema,CN=Configuration,DC=smb4,DC=tst rangeUpper with 
flag 2 is not allowed to be changed/removed, I discard this change ...
old 0 : 64
new 0 : 128

> For which attribute is this missing?  It may be a bug in the schema MS
> has provided to us.
>
>    
>> adminDisplayName
>> adminDescription
>>      
> This is a bug in ms_schema.py or the supplied text-file schemas from MS.
> We must investigate if they are always equal to the displayName and
> description, and then provide a default mapping of one to the other in
> that script.
>
>    
adminDisplayName
dn= CN=x500uniqueIdentifier,CN=Schema,CN=Configuration,DC=smb4,DC=tst
old 0 : x500uniqueIdentifier
adminDescription
dn= CN=x500uniqueIdentifier,CN=Schema,CN=Configuration,DC=smb4,DC=tst
old 0 : Used to distinguish between objects when a distinguished name 
has been reused.  This is a different attribute type from both the "uid" 
and "uniqueIdentifier" types.

>> For the first part I'm quite ok to change or removed them but for the
>> second as I don't know the use or the previous use of this attributes I
>> am a bit more reluctant to authorize the script to replace or remove
>> them.
>>      
> Indeed, and I'm glad you checked.
>    
In fact it looks that most of this change are due to a better source of 
information for generating the schema.
Matthieu.