HP-UX Reference (11i v2 07/12) - 1 User Commands A-M (vol 1)

ManualsBrandsHP ManualsSoftwareHP-UX Reference Manuals

551

552

553

554

555

556

557

558

559

560

ldapschema(1) ldapschema(1)

matching rules and syntaxes on the LDAP server. However, some types of directory servers do not provide

this information as part of the search. Perform the following command to determine if your directory

server returns information about supported matching rules and LDAP syntaxes:

First, determine the <schemaDN> :

/opt/ldapux/bin/ldapsearch -b "" -s base \

"(objectclass=*)" subschemasubentry

Then, obtain the list of supported matching rules and LDAP syntaxes:

/opt/ldapux/bin/ldapsearch -b "<schemaDN>" -s base \

"(objectclass=*)" matchingRules ldapSyntaxes

If the latter search does not return a complete listing of supported matching rules and LDAP syntaxes, they

need to be speciﬁed in the

/etc/opt/ldapux/schema/schema-

ds_type.xml ﬁle, where ds_type

corresponds to the same value speciﬁed with the

-T option on the command line when executing the

ldapschema utility.

The LDAP directory server deﬁnition, enclosed by the

tags, may specify the

schema description, followed by any number of supported matching rules and LDAP syntax deﬁnitions.

Using Active Directory Server as an example, run

ldapschema with the -T ads option, so the

corresponding directory server deﬁnition is obtained from

/etc/opt/ldapux/schema/schema-

ads.xml

ﬁle provided with the utility.

After general schema information is speciﬁed, supported matching rules, if any, must be speciﬁed followed

by any supported LDAP syntaxes deﬁnitions. The example below deﬁnes two syntaxes supported on ADS

(lines 8-12 and 14-18).

Line 1: <?xml version="1.0" encoding="UTF-8"?>

Line 2: <!DOCTYPE dsSchemaDefinition SYSTEM "/etc/opt/ldapux/schema/schema.dtd">

Line 3:

Line 4: <dsSchemaDefinition>

Line 5:

Line 6: <schemaDescription>ADS Syntaxes</schemaDescription>

Line 7:

Line 8: <syntaxDefinition>

Line 9: <oid>2.5.5.1</oid>

Line 10: <desc>Distinguished Name</desc>

Line 11: <oMSyntax>127</oMSyntax>

Line 12: </syntaxDefinition>

Line 13:

Line 14: <syntaxDefinition>

Line 15: <oid>2.5.5.2</oid>

Line 16: <desc>Object Identifier</desc>

Line 17: <oMSyntax>6</oMSyntax>

Line 18: </syntaxDefinition>

Line 19:

Line 20: </dsSchemaDefinition>

Lines 1-2 are required in every LDAP directory server deﬁnition ﬁle. LDAP syntax and matching rules

deﬁnitions closely follow the format speciﬁed in RFC 2252. Values speciﬁed for all XML tags must not be

quoted. Only the description ﬁeld (enclosed by <desc>...</desc> tags) can contain spaces.

Deﬁning LDAP Syntaxes

Each <syntaxDefinition> can contain the following case-sensitive tags, in the order speciﬁed:

<oid> Required. Exactly one numeric id must be speciﬁed.

<desc> Optional. At most one description can be speciﬁed.

<oMSyntax> Required on ADS only, ignored on other types of LDAP directory servers.

Deﬁning Matching Rules

Each <matchingRuleDefinition> can contain the following case-sensitive tags, in the order

speciﬁed:

HP-UX 11i Version 2: December 2007 Update − 9 − Hewlett-Packard Company 553