Manualshelf

HP-UX Directory Server 8.1 deployment guide

ManualsBrandsHP ManualsSoftwareHP-UX Directory Server
31323334353637383940
3.5.1 Schema checking
Schema checking ensures that all new or modified directory entries conform to the schema rules.
When the rules are violated, the directory rejects the requested change.
NOTE:
Schema checking checks only that the proper attributes are present. It does not verify whether
attribute values are in the correct syntax for the attribute.
By default, the directory enables schema checking. HP recommends not disabling this feature.
For information on enabling and disabling schema checking, see the HP-UX Directory Server
administrator guide.
With schema checking enabled, be attentive to required and allowed attributes as defined by the
object classes. Object class definitions usually contain at least one required attribute and one or
more optional attributes. Optional attributes are attributes that can be, but are not required to
be, added to the directory entry. Attempting to add an attribute to an entry that is neither required
nor allowed according to the entry's object class definition causes the Directory Server to return
an object class violation message.
For example, if an entry is defined to use the organizationalPerson object class, then the
common name (cn) and surname (sn) attributes are required for the entry. That is, values for
these attributes must be set when the entry is created. In addition, there is a long list of attributes
that can optionally be used on the entry, including descriptive attributes like telephoneNumber,
uid, streetAddress, and userPassword.
3.5.2 Selecting consistent data formats
LDAP schema allows any data to be placed on any attribute value. However, it is important to
store data consistently in the directory tree by selecting a format appropriate for the LDAP client
applications and directory users.
With the LDAP protocol and Directory Server, data must be represented in the data formats
specified in RFC 2252. For example, the correct LDAP format for telephone numbers is defined
in two ITU-T recommendations documents:
ITU-T Recommendation E.123 Notation for national and international telephone numbers.
ITU-T Recommendation E.163 Numbering plan for the international telephone services.
For example, a US phone number is formatted as +1 555
222 1717.
As another example, the postalAddress attribute expects an attribute value in the form of a
multiline string that uses dollar signs ($) as line delimiters. A properly formatted directory entry
appears as follows:
postalAddress: 1206 Directory Drive$Pleasant View, MN$34200
Attributes can require strings, binary input, integers, and other formats. The allowed format is
set in the schema defintion for the attribute.
3.5.3 Maintaining consistency in replicated schema
When the directory schema is edited, the changes are recorded in the changelog. During
replication, the changelog is scanned for changes, and any changes are replicated. Maintaining
3.5 Maintaining consistent schema 37