Creating my own schema in LDAP

gokulnath · 09-21-2006, 08:58 AM

I am new to ldap.i have installed and configured ldap with default schema setup. it is working fine.

Now I want to create ldap schema for my company structure. can i add my own attribute type and objectclass in schema file ? will that affect existing schema or ldap setup.

Any Ideas!!

bathory · 09-22-2006, 02:12 AM

I'm not an expert in ldap also, but I think you can create create your own schema file and add it in slapd.conf to be used by your ldap server. Take a look here to see how you can do this.

Regards

gokulnath · 09-23-2006, 04:05 AM

Thanks for your immediate response.I'll try it out and let u know.

mpapet · 09-23-2006, 10:47 AM

-Adding- items to the schema is absolutely possible and easy. It's one reason why LDAP is so great.

Don't drop descriptors (whatever they call the columns in an LDAP table) from the schema and you'll be just fine.

gokulnath · 09-25-2006, 07:17 AM

Quote:

Originally Posted by bathory

I'm not an expert in ldap also, but I think you can create create your own schema file and add it in slapd.conf to be used by your ldap server. Take a look here to see how you can do this.

Regards

Sorry for the delay. According to your statements i can create my own ldap schema.Now tell me whether my plan is right or wrong.

Step1: I'll add my attributes and objectclass in mycomp.schema file.
Step2: Then i'll add this line to slapd.conf file.

include /usr/local/etc/openldap/schema/mycomp.schema

Step3: Restart the ldap service.

(It should not affect my existing ldap setup). will it affect?

Is this steps enough or anything else needed?

Thanks
Gokulnath

dougnc · 09-25-2006, 07:57 AM

Do you have windows clients logging into LDAP?

mpapet · 09-25-2006, 11:26 AM

Quote:

Originally Posted by gokulnath

Sorry for the delay. According to your statements i can create my own ldap schema.Now tell me whether my plan is right or wrong.

Step1: I'll add my attributes and objectclass in mycomp.schema file.
Step2: Then i'll add this line to slapd.conf file.

include /usr/local/etc/openldap/schema/mycomp.schema

Step3: Restart the ldap service.

(It should not affect my existing ldap setup). will it affect?

Is this steps enough or anything else needed?

Thanks
Gokulnath

Don't be a j*ck*ss about this.
1. Don't mess with a production DB
2. Back up the LDAP DB first.
3. Do the steps you mention above in a test environment.
4. Test the new ldap thoroughly
5. Move changes into production.

mpapet · 09-25-2006, 11:33 AM

Quote:

Originally Posted by dougnc

Do you have windows clients logging into LDAP?

Openldap does this already. If you look around you can find win32 binaries of openldap and have a legitimate ldap directory instead of MS's half-@ss implementation.

If you want to create a shared address book that some users can update, you need a LDAP client to do this. There are quite a few of these on sourceforge.

WARNING:
Outlook won't write new contacts into the db. Gnome's win32 flagship mail client won't do it. I don't think Thunderbird does this either. I don't know about KDE's kmail.

gokulnath · 09-25-2006, 11:12 PM

Quote:

Originally Posted by dougnc

Do you have windows clients logging into LDAP?

Yes, i have windows clients also.Is there any problem bcoz of this.