ldapschema.1 (2010 09)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

ldapschema(1) ldapschema(1)

same schema deﬁnition ﬁle.

<may> Optional, use if an object class has optional attributes. The speciﬁed attributes must

already exist on the LDAP directory server, or must its deﬁnition must be speciﬁed in the

same schema deﬁnition ﬁle.

<rdn> Optional. Deﬁnes the recommended attribute to use for the Relative Distinguished Name

(RDN) for new entries created with this object class. Currently,

<rdn> applies only to

Active Directory Server (ADS). At most one RDN can be speciﬁed.

extendAuxiliaryClass

Optional, applies to AUXILIARY object classes only. This tag is used to extend an object

class already deﬁned in the LDAP server schema with this new AUXILIARY object class.

Currently, <extendAuxiliaryClass>

applies only to Active Directory Server (ADS)

to include the new AUXILIARY class as an

auxiliaryClass in the deﬁnition of

another object class already deﬁned in the LDAP server schema.

Optional, use to specify any directory-speciﬁc information about the attribute type. See

the SPECIFYING DIRECTORY-SPECIFIC INFORMATION section for details.

Each object class deﬁnition must meet the following conditions in order to be added to the LDAP directory

server schema:

• The object class has a numeric OID which adheres to RFC 2252 format speciﬁcation.

• The object class has at least one name. Each name must adhere to RFC 2252 format speciﬁcation.

• No other object classes in the schema deﬁnition ﬁle or on the LDAP directory server have the same

OID or any of its name values.

• The super-class(es) used by this object classes are deﬁned.

• The attribute(s) used by this object classes are deﬁned.

• The inheritance hierarchy has no cycles (no circular dependencies exist in the super-class/sub-class

relationships).

• An

ABSTRACT object class can specify only ABSTRACT object class(es) as its super-class(es).

• An

AUXILIARY object class can specify ABSTRACT or AUXILIATY object class(es) as its super-

class(es).

• A

STRUCTURAL object class can specify ABSTRACT or STRUCTURAL object class(es) as its super-

class(es).

Predeﬁned Schema Deﬁnition Files

The following LDAP schema deﬁnition ﬁles are delivered with the LDAP-UX product:

• /etc/opt/ldapux/schema/rfc2256.xml

• /etc/opt/ldapux/schema/rfc2307.xml

• /etc/opt/ldapux/schema/rfc2307-bis.xml

• /etc/opt/ldapux/schema/rfc2926.xml

• /etc/opt/ldapux/schema/rfc3712.xml

These ﬁles are provided as examples to demonstrate how to deﬁne new LDAP schema deﬁnition ﬁles to

use with the ldapschema utility. Since these ﬁles deﬁne attribute types and object classes that come

pre-installed on most LDAP directory servers they are not intended for extending the LDAP directory

server schema. Instead, these ﬁles are provided for reference when creating the new schema deﬁnition

ﬁles to query and extend the LDAP directory server schema with the new attribute type and object class

deﬁnitions.

SPECIFYING DIRECTORY-SPECIFIC INFORMATION

Attribute type and object class deﬁnitions can be extended with directory-speciﬁc information using the

<dsSpecific> tag. This is useful to maintain a single schema deﬁnition ﬁle for different types and

versions of LDAP directory servers. The following example illustrates how a single attribute type

deﬁnition can be altered to support HP-UX Directory Server and Active Directory Server directory server

speciﬁc deﬁnitions simultaneously.

HP-UX 11i v3: June 2010 Web Release − 7 − Hewlett-Packard Company 7