4

This is my first time with LDAP. I have set up OpenLDAP on an Ubuntu machine and an LDAP browser (phpLDAPadmin) on the remote system. I'm trying to add two custom attributes to cn=config and I get a success message, but when I look for the attributes or the schema in the LDAP browser they are nowhere visible. Please let me know where I'm going wrong. Below are the steps I have taken:

1) Creating the custom.schema file

#file to add custom schemas to the ldap

attributetype ( 1.7.11.1.1
        NAME 'studentid'
        DESC 'unique id given to each student of the college'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

attributetype ( 1.7.11.1.2
        NAME 'pexpiry'
        DESC 'indicated the date of password expiry'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )


objectClass ( 1.7.11.1.1.100
    NAME 'Studentinfo'
        DESC 'Studentinfo object classes '
    SUP top
    AUXILIARY
        MUST  ( studentid $ pexpiry $
             )
        )

2) Create an LDIF file

#ldif file containing the custom schema

dn: cn=custom,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: custom

olcAttributeTypes: ( 1.7.11.1.1
        NAME 'studentid'
        DESC 'unique id given to each student of the college'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

olcAttributeTypes: ( 1.7.11.1.2
        NAME 'pexpiry'
        DESC 'indicated the date of password expiry'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )


olcObjectClasses: ( 1.7.11.1.1.100
    NAME 'Studentinfo'
        DESC 'Studentinfo object class '
    SUP top
    AUXILIARY
        MUST  ( studentid $ pexpiry $
             )
        )

3) Add the LDIF file to cn=config using the command below

ldapadd -x -h 192.168.2.3 -D "cn=admin,cn=config" -W -f ./custom.ldif

It first asks for the password; I enter the password and I get the message:

Adding entry  "cn=custom,cn=schema,cn=config"

But when I go to the browser I don't see the schema or the attributes there. I tried to add a user and it said invalid attributes.

3
  • Did you resolve this? I am having a similar issue with the 389-DS LDAP server. I've created a custom attribute both in the front end and via LDIF files. I can see the attribute when I view the attributes, but if I try to add it to a user in an LDIF file with ldapmodify, it complains the attribute is not valid. I added it to cn=schema, so I was wondering if it might be that the attribute isn't actually added to the schema. Commented Aug 28, 2014 at 21:45
  • Did you add your custom schema in slapd.conf? Commented Feb 6, 2015 at 11:44
  • For lurkers who found this question: the ldapadd command is correct and OpenLDAP allows changing the schema on the fly. I think the problem here is that the LDIF file is not valid (empty lines). Working: dn: cn=add_attributes,cn=schema,cn=config objectClass: olcSchemaConfig cn: add_attributes olcAttributeTypes: {0}( 1.3.6.1.4.1.1234.1.34234234 NAME 'objectGUID' DESC ' Microsoft Active Directory uuid' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) olcObjectClasses: {0}( 1.2.3.4.56789.1.0.200 NAME 'testUserClass' SUP inetOrgPerson STRUCTURAL MAY objectGUID ) Commented Feb 15, 2024 at 5:04
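The last comment above blames the empty lines in the LDIF. The following added example (not code from the question or its commenters) shows why that matters: under RFC 2849 an empty line ends a record, so the `olc*` attributes fall into separate records that have no `dn:`. The sample is a trimmed, constructed copy of the question's file; `parse_records` and `lint` are hypothetical helper names, and the dangling `$` check follows the RFC 4512 `oidlist` grammar rather than anything stated on the page.

```python
import re

# Constructed sample in the shape of the question's custom.ldif (trimmed):
# empty lines sit between the entry's dn/cn lines and its olc* attributes.
BROKEN = """\
dn: cn=custom,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: custom

olcAttributeTypes: ( 1.7.11.1.1
        NAME 'studentid'
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

olcObjectClasses: ( 1.7.11.1.1.100
    NAME 'Studentinfo'
    SUP top
    AUXILIARY
        MUST  ( studentid $ pexpiry $
             )
        )
"""
# Same content as a single record, with the dangling "$" dropped.
FIXED = BROKEN.replace("\n\n", "\n").replace("pexpiry $", "pexpiry")

def parse_records(text):
    """Split LDIF into records at empty lines and unfold continuation lines."""
    records, current = [], []
    for raw in text.splitlines():
        if raw == "":                          # an empty line ends the record
            if current:
                records.append(current)
            current = []
        elif raw.startswith(" ") and current:
            current[-1] += raw[1:]             # RFC 2849 fold: drop one space
        elif not raw.startswith("#"):          # skip comment lines
            current.append(raw)
    return records + ([current] if current else [])

def lint(text):
    """Return (record_number, problem) pairs for the two defects checked here."""
    findings = []
    for n, rec in enumerate(parse_records(text), 1):
        if not rec[0].lower().startswith(("dn:", "version:")):
            findings.append((n, "no-dn"))      # detached from its entry
        if any(re.search(r"\$\s*\)", line) for line in rec):
            findings.append((n, "trailing-dollar"))
    return findings
```

Running `lint(BROKEN)` reports records 2 and 3 as having no `dn:`, while `lint(FIXED)` is empty because everything now belongs to the single `cn=custom` entry.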

1 Answer

2

1] Add the custom schema in slapd.conf and restart the LDAP service. If everything is OK the service will start properly, otherwise it will give an error.

2] After this, if possible, use Apache Studio for browsing; I was also not able to see the custom object in other browsers.
