Creating Custom Schema Files for slapd

There are times when the standard schema files distributed with your LDAP server don’t meet the needs of your application. Creating a custom schema file for OpenLDAP is a two-step process:

  • Assign a unique OID for all new attribute types and object classes.

  • Create the schema file and include it in slapd.conf.

It’s also possible to create alternate schema syntaxes and matching rules, but implementing them is beyond the scope of this book; typically, they require implementing a plug-in for the directory server or modifying the server’s source code. For more information on this process, you should consult the OpenLDAP source code or your vendor’s documentation for other directory servers.

Chapter 2 described how to obtain a private enterprise number from IANA (see the form at http://www.iana.org/cgi-bin/enterprise.pl and RFC 3383). When creating new attributes or object classes, it is a good idea to use an OID that is guaranteed to be unique, whether or not the schema will ever be used outside of your organization. The best way to guarantee that the OID is unique is to obtain a private enterprise number and place all your definitions under that number: IANA assigns the number N, and everything beneath the arc 1.3.6.1.4.1.N is yours to allocate, so two organizations that each follow this rule can never collide, and a client that encounters your schema can tell from the OID who is responsible for it.

For example, suppose that an LDAP client application requires a new object class based on person. This new object class should contain all of the attributes possessed by the person object, with the addition of the userPassword and mail attributes.

In order to create this new object, I have allocated ...
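The book’s own allocation is cut off above. The following is an added example, not the book’s schema and not part of OpenLDAP’s distributed files, of what the two steps look like for the class described: a schema file defining an object class derived from person, and the slapd.conf directives that load it. The enterprise number 99999 is a placeholder standing in for a real IANA-assigned number, the names myOrg*/myOrgPerson and the path /etc/openldap/schema are assumed, and the split of the arc into a :1 branch for attribute types and a :2 branch for object classes is a common convention, not a requirement. Note that person already permits userPassword as an optional attribute, so the class below lists both userPassword and mail under MUST, making them required; whether the book intended MUST or MAY is not recoverable from this page.

```conf
# --- myorg.schema (added example; hypothetical names and OID) ---
# objectIdentifier macros let the file refer to the private arc by name.
# 1.3.6.1.4.1.99999 is a PLACEHOLDER for your own IANA private enterprise number.
objectIdentifier myOrgRoot           1.3.6.1.4.1.99999
objectIdentifier myOrgLDAP           myOrgRoot:1
objectIdentifier myOrgAttributeTypes myOrgLDAP:1
objectIdentifier myOrgObjectClasses  myOrgLDAP:2

# userPassword and mail are both defined in core.schema, so no new
# attribute types are needed; only the object class is new. SUP person
# inherits every attribute person allows; MUST makes the two required.
objectclass ( myOrgObjectClasses:1
    NAME 'myOrgPerson'
    DESC 'A person that must carry a password and a mail address (hypothetical class)'
    SUP person
    STRUCTURAL
    MUST ( userPassword $ mail ) )

# --- slapd.conf excerpt (added example; path is assumed) ---
# The custom file must be included AFTER core.schema, because it
# references person, userPassword and mail defined there.
include   /etc/openldap/schema/core.schema
include   /etc/openldap/schema/myorg.schema

# Requiring userPassword does not protect it; the ACL does. Keep the
# attribute readable only for authentication and writable by its owner.
access to attrs=userPassword
    by self write
    by anonymous auth
    by * none
```

After editing, run slaptest -f /etc/openldap/slapd.conf before restarting slapd; it parses every included schema file and reports unknown superior classes, unresolved attribute names and OID conflicts, which is cheaper than discovering them when the server refuses to start.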
