HP-UX Reference (11i v2 07/12) - 1 User Commands A-M (vol 1)
l
ldapschema(1) ldapschema(1)
<usage> Optional, must contain one of the following possible values:
userApplications
,
directoryOperation
, distributedOperation
,ordSAOperation
. At most
one
usage value can be specified.
<indexed> Optional, use if an attribute type requires indexing. At most one
indexed flag can be set.
<dsSpecific>
Optional, use to specify any directory-specific information about the attribute type. See the
SPECIFYING DIRECTORY-SPECIFIC INFORMATION section for details.
Each attribute type definition must meet the following conditions in order to be added to the LDAP direc-
tory server schema:
• The attribute type has a numeric OID which adheres to RFC 2252 format specification.
• The attribute type has at least one name. Each name must adhere to RFC 2252 format specification.
• No other attribute types in the schema definition file or on the LDAP directory server have the same
OID or any of its name values.
• The super-type used by this attribute type is defined.
• The attribute type specifies either an LDAP syntax value or a super-type. Some directory servers, for
example ADS, do not support attribute type inheritance. For such directory servers, the LDAP syntax
for the sub-type attribute is obtained from the super-type definition and the super-type/sub-type rela-
tionship is ignored.
• The matching rules and syntaxes used by this attribute type are supported by the LDAP directory
server. See the MAPPING UNSUPPORTED MATCHING RULES AND LDAP SYNTAXES section for
details.
• The inheritance hierarchy has no cycles (no circular dependencies exist in the super-class/sub-class rela-
tionships).
• If the attribute type has a super-type, they both have the same
USAGE value.
Defining Object Classes
Each
<objectClassDefinition>
can contain the following case-sensitive tags, in the order specified:
<oid> Required. Exactly one numeric id must be specified. <oid> value must adhere to RFC
2252 format specification.
<name> Required. At least one object class name must be specified. Do not use quotes around the
name values. <name> value must adhere to RFC 2252 format specification.
<displayName>
Optional. At most one display name can be specified. This tag specifies a display name of
the object class used by LDAP clients and administrative tools. Currently,
<display-
Name>
applies only to Active Directory Server (ADS) to specify lDAPDisplayName and
adminDisplayName if different from the
<name> value.
<desc> Optional. At most one description can be specified. Do not use quotes around the descrip-
tion value.
<obsolete> Optional, use only if applicable. Obsolete object classes cannot be used in definitions of any
other object classes. At most one obsolete flag can be specified.
<subClassOf>
Optional, use if an object class has super-classes. The specified super-class must already
exist on the LDAP directory server, or must its definition must be specified in the same
schema definition file.
<type> Optional, must contain one of the following possible values: STRUCTURAL , AUXILIARY ,
ABSTRACT. At most one type value can be specified.
<must> Optional, use if an object class has mandatory attributes. The specified attributes must
already exist on the LDAP directory server, or must its definition must be specified in the
same schema definition file.
<may> Optional, use if an object class has optional attributes. The specified attributes must
already exist on the LDAP directory server, or must its definition must be specified in the
same schema definition file.
550 Hewlett-Packard Company − 6 − HP-UX 11i Version 2: December 2007 Update