LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

361

362

363

364

365

366

367

368

369

370

“versionLessThan” are not used in the XML files being processed (the

schema definition files, the LDAP directory server definition file, and the

mapping rules file). If the XML files include any definitions with

“versionGreaterOrEqual” attribute set, strcasecmp() must return

zero or a positive integer to include directory-specific information in the LDAP

schema definition. If the XML files include any definitions with

“versionLessThan” attribute set, strcasecmp() must return a negative

integer to include directory-specific information in the LDAP schema definition.

Also, “versionGreaterOrEqual” and “versionLessThan” can be

used simultaneously to define a range of version of the LDAP directory server.

For more information, see Section 9.5.5 (page 369).

9.5.3.1.2 Additional options (optional)

The following describes a list of options that are optional:

-h hostname Specifies the LDAP directory server host name or IP address. (Default:

localhost)

-p <port> Specifies the LDAP directory server TCP port number. (Default: 389 for regular

connections, 636 for SSL connections.)

-D <binddn> Specifies distinguished name (DN) of an administrator who has permissions

to read and modify LDAP directory server schema.

-j <filename> Specifies an administrator’s password in the file (for simple authentication).

-w- Inputs an administrator’s password from the prompt (for simple authentication).

-Z Establishes an SSL-encrypted connection.

-ZZ Specifies StartTLS request.

-ZZZ Enforces startTLS request (requires successful server response).

-P path Specifies path to SSL certificate database. (Default: /etc/opt/ldapux)

-3 Verifies the host name in SSL certificates.

-s- Disables syntax substitution in attribute types. Normally, if an attribute type

uses an LDAP syntax not supported on the LDAP directory server, it is mapped

to use a higher level (more inclusive) syntax supported by that server. If this

option is specified, any attribute types that use unsupported LDAP syntax are

not added to the LDAP directory server schema. For more information about

mapping rules and LDAP syntaxes, see Section 9.5.7 (page 373).

-m- Disables matching rule substitution in attribute types. Normally, if an attribute

type uses a matching rule not supported on the LDAP directory server, it is

mapped to use a higher level (less specific) matching rule supported by that

server. If this option is specified, any attribute types that use unsupported

matching rules are not added to the LDAP directory server schema. For more

information about mapping rules and LDAP syntaxes, see Section 9.5.7

(page 373).

-f <filename> Stores schema extension instructions in the specified file (usually in LDIF

format). Do not apply any changes to the LDAP directory server schema. This

option requires specifying the -e option.

-F Forces installation of schema even if it contains any invalid attribute type or

object class definitions, or some components specified in the schema file are

already present in the LDAP directory server.

9.5 Schema extension utility 363