|
|
|
Use the set name-binding command to define a name binding between two previously defined object classes. This defines the hierarchy of the directory.
A name binding consists of a name for the name binding, an object and its allowable parent, and an attribute that names the object
This command has the following format:
set name-binding OID = {
name = binding-name
parent-OC allowable-parent child-OC
named-by attribute-list [ optional ]
};
Specifies the object identifier of the attribute
The name of the name binding. This is often descriptive. It can be constructed by concatenating the names of the object classes being connected.
Specifies the parent and child object classes
Lists the attributes that name an object of the child object class. Often only one attribute is listed.
(Optional) Lists attributes that may optionally be appended to the list specified in named-by.
Example: Define Name Binding
In this example, a new definition (arbitrarily named org-country) states that you can place an organization object under a country object and that you must name it by the organizationName attribute. The definition org-top states that you can also place an organization object under a top object (that is, the root of the namespace) named by the organizationName attribute.
Multiple attributes can name an object, in which case you separate the attributes by commas. Additional naming attributes are optional when the keyword optional precedes them.
set name-binding x500nbind:2 = {
name = org-top organization allowable-parent top named-by organizationName
};
set name-binding x500nbind:3 = {
name = org-country organization allowable-parent country named-by organizationName
};
Example: Define Advanced Name Binding
set name-binding x500nbind:22 = {
name = orgUnit-orgPerson
organization allowable-parent organizationalUnit
named-by commonName optional surname
};
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |