PingDirectory

Managing an object class over LDAP

Manage an object class schema element over LDAP by adding a new attribute element to an existing object class. You can create your own schema file or enter the schema from the command line. In either case, you must pay special attention to text spacing and ASN.1 formatting.

Before you begin

Define the attribute you want to add to the custom schema file.

Steps

The following example procedure adds a predefined attribute, contractorAddress, to the custom schema file, then adds it to the contractor object class.

  1. Create and save an LDIF file with the content in the following example.

    Example:

    In this example, the file is named contractorAddress-attr.ldif.

    dn: cn=schema
    changetype: modify
    add: attributeTypes
    attributeTypes: ( contractor-OID NAME 'contractorAddress'
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
      SINGLE-VALUE
      USAGE userApplications
      X-ORIGIN 'user defined'
      X-SCHEMA-FILE '98-custom-schema.ldif' )

  2. To add the attribute you defined, run ldapmodify.

    Example:

    In this example, the contractorAddress attribute is being added.

    $ bin/ldapmodify --filename contractorAddress-attr.ldif

  3. To modify the contractor object class to allow this attribute, create an LDIF file.

    When doing this, you’re submitting the updated object class. The PingDirectory server handles the proper replacement of the existing object class with the new one.

    Ensure that the lines don’t wrap in the LDIF file.

    Example:

    In this example, the file is named contractor-oc.ldif.

    dn: cn=schema
    changetype: modify
    add: objectClasses
    objectClasses: ( contractor-OID NAME 'contractor'
      DESC 'Contractor status information'
      SUP top
      AUXILIARY MAY ( contractorStatus $ contractorAgency $ contractorAddress )
      X-ORIGIN 'Directory Server Example'
      X-SCHEMA-FILE '98-custom-schema.ldif' )

  4. To update the object class, run ldapmodify.

    Example:

    $ bin/ldapmodify --filename contractor-oc.ldif

    Result:

    These schema changes are replicated to all servers in the replication topology.

  5. To verify the change, review the config/schema/98-custom-schema.ldif file on the other servers in the replication topology.

  6. (Optional) To add an index for this attribute, run dsconfig with the create-local-db-index option. You must do this on each server in your topology unless you have server configuration groups set up. Learn more in Configuring server groups.

    Example:

    $ bin/dsconfig create-local-db-index --backend-name userRoot \
      --index-name contractorAddress --set index-type:equality

  7. Rebuild the index online.

    This doesn’t affect other indexes or entries because there is no existing data for this attribute on any entry.

    Example:

    $ bin/rebuild-index --baseDN dc=example,dc=com --index contractorAddress
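
Because schema changes replicate to every server in the topology, it helps to check the LDIF files for the spacing and wrapping mistakes mentioned above before running ldapmodify. The following pre-flight check is an added example, not part of the PingDirectory tooling. The names `unfold`, `lint_schema_ldif` and `known_attrs` are hypothetical, `known_attrs` is assumed to list the attributes already present in the server schema, and the parsing is a simplified subset of the schema definition syntax.

```python
import re

def unfold(ldif_text):
    """Join RFC 2849 folded lines; return (logical_lines, problems)."""
    logical, problems = [], []
    for n, raw in enumerate(ldif_text.splitlines(), 1):
        if raw.startswith(" ") and logical:
            logical[-1] += raw[1:]  # a fold is a newline plus exactly one space
        elif re.match(r"[A-Za-z][\w;-]*:", raw):
            logical.append(raw)
        elif raw.strip() and raw != "-" and not raw.startswith("#"):
            problems.append(f"line {n}: not a continuation or 'attr: value': {raw!r}")
    return logical, problems

def lint_schema_ldif(ldif_text, known_attrs=()):
    """List problems in a cn=schema modify LDIF before it is sent to ldapmodify."""
    logical, problems = unfold(ldif_text)
    defined, classes = {a.lower() for a in known_attrs}, []
    for line in logical:
        key, value = (part.strip() for part in line.split(":", 1))
        if key.lower() not in ("attributetypes", "objectclasses"):
            continue
        bare = re.sub(r"'[^']*'", "", value)  # drop quoted strings
        name = re.search(r"\bNAME\s+'([^']+)'", value)
        label = name.group(1) if name else value[:30]
        if "'" in bare or bare[:1] != "(" or bare[-1:] != ")" or bare.count("(") != bare.count(")"):
            problems.append(f"{label}: unbalanced quotes or parentheses")
        if not name:
            problems.append(f"{label}: no NAME")
        elif key.lower() == "attributetypes":
            defined.add(label.lower())
        else:
            classes.append((label, bare))
    for label, bare in classes:  # checked last, so definition order does not matter
        for group, single in re.findall(r"\b(?:MUST|MAY)\s+(?:\(([^)]*)\)|([\w-]+))", bare):
            for attr in filter(None, (a.strip() for a in (group or single).split("$"))):
                if attr.lower() not in defined:
                    problems.append(f"{label}: attribute {attr} is not defined")
    return problems

# Constructed sample: contractor-oc.ldif with the DESC line missing its fold space.
SAMPLE = """dn: cn=schema
changetype: modify
add: objectClasses
objectClasses: ( contractor-OID NAME 'contractor'
DESC 'Contractor status information'
  SUP top AUXILIARY MAY ( contractorStatus $ contractorAddress ) )"""
if __name__ == "__main__":
    print("\n".join(lint_schema_ldif(SAMPLE, known_attrs=["contractorStatus"])))
```

An empty result means that none of these checks failed; it does not guarantee that the server will accept the definition.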